A Free Trial That Lets You Build Big!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
Preparations before reading this article
Before reading this article, you need to understand the following knowledge. Otherwise, you may encounter different levels of problems in the reading process.
Understand ASP/ASP. NET Programming
This unique SessionID has great practical significance. When a user submits a form, the browser automatically attaches the user's SessionID to the HTTP header information (this is an automatic function of the browser and the user will not notice it ), after the server processes the form, it returns the result to the user corresponding to the SessionID. Imagine how the server knows which user submitted the form when two users register simultaneously without SessionID. Of course, SessionID has many other functions, which we will mention later.
In addition to SessionID, each Session contains many other information. However, for ASP or ASP. NET Programming and programming, the most useful thing is to access ASP/ASP. NET's built-in Session object to store their own information for each user. For example, if we want to know how many pages a user visits our website browses, we may add the following to each page that a user may access:
You can use the following sentence to learn about several pages you have browsed:
Some readers may ask: where does this seemingly array Session ("...") come from? Do I need to define it? In fact, this Session object is a built-in object of the WWW server with ASP interpretation capability. That is to say, this object has been defined for you in the ASP system, and you only need to use it. The variable name in Session ("...") is like the variable name. In Session ("...") = $, $ is the variable value. You only need to write a sentence to access the value in the variable .. on every page of the user.
In fact, ASP has a total of seven built-in objects, including Session, Application, Cookie, Response, Request, Server, etc. Similar objects are also available in other server-side scripting languages such as JSP and PHP, but they are not the same in terms of naming or usage.
ASP Session functional defects
Process dependency: the ASP sessionstate is stored in the iisprogress, And the inetinfo.exe program is also used. When the inetinfo.exe process crashes, the information is lost. In addition, restarting or disabling the IIS service will cause information loss.
Introduction to the Web. config file
There are two types of Web. config: the server configuration file and the Web application configuration file, both named Web. config. This configuration file stores a series of information about the web pages written in which language, Application Security Authentication mode, and Session information storage mode on the current IIS server. This information is saved using XML syntax. If you want to edit it, use the text editor.
The server configuration file takes effect for all applications on all sites on the IIS server. In. NET Framework 1.0, the Web. config file of the server exists in \ WinNT \ Microsoft. NET \ Framework \ v1.0.3705.
The Web application configuration file Web. config is stored in various Web applications. For example, the root directory \ Inetpub \ wwwroot of the current website, and the current Web application is MyApplication, the root directory of the Web application should be \ Inetpub \ wwwroot \ MyApplication. If your website has only one Web application, the root directory of the application is \ Inetpub \ wwwroot. To add a Web application, add a virtual directory with the application starting point in IIS. The files and directories under this directory are considered as a Web application. However, adding a Web application through IIS does not generate a Web. config file for you. To create a Web application with a Web. config file, use Visual Studio. NET to create a Web application project.
The Web. config configuration file of the Web application is optional and optional. If not, each Web application uses the Web. config configuration file of the server. If yes, the corresponding values in the Web. config configuration file of the server will be overwritten.
In ASP. NET, modifications to Web. config will automatically take effect immediately after they are saved. You do not need to restart the Web application to take effect after modifying the configuration file in ASP.
Session configuration information in the Web. config file
This section describes how the application stores Session information. The following operations mainly aim at this configuration section. Let's take a look at the meaning of the content contained in this section. The syntax of the sessionState node is as follows:
<SessionState mode = "Off | InProc | StateServer | SQLServer"
The required attribute is
Storage of client Session Status in ASP. NET
In ASP. NET, by default, Session information is stored on the client using cookies. If you want to use Cookieless on the client to store Session information, the method is as follows:
Find the root directory of the current Web application, open the Web. Config file, and find the following section:
In this section, cookieless = "false" is changed to cookieless = "true". In this way, the Session information of the client is no longer stored using cookies, but stored through URLs. Close the current IE, open a new IE, and re-access the Web application, you will see something similar to the following:
Http: // localhost/MyTestApplication/(ulqsek45heu3ic2a5zgdl245)/default. aspx indicates the Session ID of the client. Note that this information is automatically added by IIS and does not affect the normal connection.
Storage of server Session Status in ASP. NET
To better experience the experiment, you can create a page named SessionState. aspx and add the following code to <body> </body>.
<Scriptrunat = "server">
Sub CheckSession (sender As Object, eAs EventArgs)
This SessionState. aspx page can be used to test whether Session information is lost on the current server.
Store Server Session information in the process
When the mode value is InProc, it indicates that the server is using this mode.
This method is the same as the previous ASP mode, that is, the server stores Session information in the IIS process. When IIS is disabled or restarted, the information is lost. However, this mode also has its own biggest advantage, that is, the highest performance. It should be that all Session information is stored in the IIS process, so IIS can quickly access this information, the performance of this mode is much faster than that of Session information stored outside the process or stored in SQL Server. This mode is also the default mode for ASP. NET.
Now let's do a test. Open the SessionState. aspx page and enter some characters to store them in the Session. Then, let's restart IIS. Note that it is not to stop the current site and start again, but to right-click the node of the machine name in IIS and choose restart IIS. (To restart IIS when NT4 is used, you must restart the computer. Microsoft returns SessionState. on the aspx page, check the Session information and find that the information has been lost.
Store Server Session information outside the process
Return to the preceding section in the Web. config file and change the mode Value to StateServer. Open another IE after saving the file, open the SessionState. aspx page, and save some information to the Session. At this time, let's restart IIS and return to the SessionState. aspx page to view the Session information.
In fact, this method of storing Session information outside the process not only means that the information can be stored in the local process, but also the Session information can be stored in other server processes. In this case, you not only need to change the mode Value to StateServer, but also need to configure the corresponding parameters in stateConnectionString. For example, if you want to store the Session in the process of a computer whose IP address is 192.168.0.2, you need to set it to stateConnectionString = "tcpip = 192.168.0.2: 42424 ". Of course, do not forget to install. NET Framework on the computer 192.168.0.2 and start the ASP. NET State Services Service.
Store Server Session information in SQL Server
[System drive] \ winnt \ Microsoft. NET \ Framework \ [version] \
Then open the query analyzer, connect to the SQL Server, open the file and execute it. Wait a moment and the database and job will be created. In this case, you can open the Enterprise Manager and see a new database called ASPState. However, this database only contains some stored procedures and does not use user tables. In fact, Session information is stored in the ASPStateTempSessions table of the tempdb database, and the other ASPStateTempApplications table stores the Application Object Information in ASP. These two tables are also created by the script just now. In addition, you can view "manage"> "SQL Server proxy"> "job" and find another job called ASPState_Job_DeleteExpiredSessions. This job actually deletes expired Session information from the ASPStateTempSessions table every minute.
Then, we return to the Web. config file and change the mode Value to SQLServer. Note: You must also modify the sqlConnectionString value in the following format:
SqlConnectionString = "data source = localhost; Integrated Security = SSPI ;"
Data source refers to the IP address of the SQL Server. If SQL Server and IIS are a Server, write 127.0.0.1. Integrated Security = SSPI means to use Windows Integrated Identity Authentication, so that accessing the database will use ASP.. NET identity, through this configuration, you can obtain better security than the SQL Server authentication method using userid = sa; password = password. Of course, if SQL Server runs on another computer, you may need to maintain consistency between the two sides through Active Directory domains.
Similarly, let's do a test. Add the Session information to SessionState. aspx and you will find that the Session information already exists in SQL Server. Even if you restart the computer, the Session information will not be lost. Now you have fully seen what the Session information looks like and is stored in SQL Server. What you can do depends on your performance. Haha.
At the same time, you will also find that the entire technology includes the integration of operating systems, Web Services, and database technologies. I believe that Windows is not Unix stable, IIS is not Apache stable, and SQL Server is not powerful as Oracle. But who can perfectly link them together? So, although Microsoft is not too strong in every aspect, if Microsoft's things are integrated together, who would say that it is not powerful? Microsoft is Microsoft!
|Source: Flying Technology Network|
Start building with 50+ products and up to 12 months usage for Elastic Compute Service