The idea is ASP. NET serialization Session is saved to the database as binary data, and then the JSP reads the binary data in the database and deserializes it into a Session object, and then forcibly converts it into a Session object. During JAVA-side conversion, if an error occurs, you cannot solve the problem by searching online materials. Therefore, you can use a replacement method.
Ideas for the replacement method:
Log on to the ASPX file. After Successful Logon, save the variable values in the Session to a table in the database. The keyword is ASP. NET Session Object SessionID, and then create An ASPX file to obtain the SessionID of the current login user, and use ASP.. NET redirection statement, to the JSP file, the URL request path format is test. jsp? Aspnetsessionid = ffj12d455p0ujr45vdqwhh45, if ASP. NET is not logged on or logon fails. Although there is a SessionID value, some readers may find that there is no data associated with this SessionID in the database, and test is not required. jsp? Aspnetsessionid = ffj12d455p0ujr45vdqwhh45 and other request paths can also be completed. Yes, you can use test. jsp? The userid = 1111 method also transmits the value. Of course, userid is obtained after ASP. NET is successfully logged on, but some users can know the sensitive data of USERID.
Create a table
Copy codeThe Code is as follows:
Tablename:
Iis_session
Fieldname:
Idvarchar -- stores ASP. NET SessionID
Useridint -- stores the user ID after Successful Logon
Powerint -- permission number for storing users
Copy codeThe Code is as follows:
// After Successful Logon, you can place the following CODEING In the logon authentication ASPX page/
// Record Sessionvalue to the database
PrivatevoidWriteSession2DB
// When the user exits the system, the user deletes a row of data corresponding to the SessionID in the database, which can be placed on the exit page or the Session_END process of Global. asax/
// Delete Sessionvalue from the database
PrivatevoidRemoveSession4DB
// A aspx page redirected to JSP, add the following code in PAGE_LOAD of this ASPX page/
PrivatevoidPage_Load
Copy codeThe Code is as follows:
<% @ PagecontentType = "text/html; charset = gb2312" %>
<%
/
You can replace your own database connection classes.
/
%>
<Jsp: useBeanid = "db" scope = "page"/>
<%
StringsASPNetSessionID = request. getParameter;
// The connection pool is used to connect to the database. you can replace it with your own
StringsDBSourceName = "itbaby_dbpool ";
Db. dbConnOpen;
StringsSql = "selectuserid, powerfromiis_sessionwhereid = '" + sASPNetSessionID + "'";
// The Reader replaces the code used to read the result set.
Java. SQL. ResultSetrs = db. getRs;
If)
Rs. close;
Db. dbConnClose;
%>
Well, although it is not a good method, it can also be used to protect users' sensitive data.
I will continue to consider using serialization and deserialization to share Session objects between different WEB languages, instead of sharing Session values.