Sample Code for jsp and asp.net shared session values

Source: Internet
Author: User
Tags net serialization

The idea is ASP. NET serialization Session is saved to the database as binary data, and then the JSP reads the binary data in the database and deserializes it into a Session object, and then forcibly converts it into a Session object. During JAVA-side conversion, if an error occurs, you cannot solve the problem by searching online materials. Therefore, you can use a replacement method.

Ideas for the replacement method:

Log on to the ASPX file. After Successful Logon, save the variable values in the Session to a table in the database. The keyword is ASP. NET Session Object SessionID, and then create An ASPX file to obtain the SessionID of the current login user, and use ASP.. NET redirection statement, to the JSP file, the URL request path format is test. jsp? Aspnetsessionid = ffj12d455p0ujr45vdqwhh45, if ASP. NET is not logged on or logon fails. Although there is a SessionID value, some readers may find that there is no data associated with this SessionID in the database, and test is not required. jsp? Aspnetsessionid = ffj12d455p0ujr45vdqwhh45 and other request paths can also be completed. Yes, you can use test. jsp? The userid = 1111 method also transmits the value. Of course, userid is obtained after ASP. NET is successfully logged on, but some users can know the sensitive data of USERID.

Create a table

Copy codeThe Code is as follows:
Tablename:
Iis_session
Fieldname:
Idvarchar -- stores ASP. NET SessionID
Useridint -- stores the user ID after Successful Logon
Powerint -- permission number for storing users

Copy codeThe Code is as follows:

// After Successful Logon, you can place the following CODEING In the logon authentication ASPX page/

// Record Sessionvalue to the database
PrivatevoidWriteSession2DB

// When the user exits the system, the user deletes a row of data corresponding to the SessionID in the database, which can be placed on the exit page or the Session_END process of Global. asax/

// Delete Sessionvalue from the database
PrivatevoidRemoveSession4DB

// A aspx page redirected to JSP, add the following code in PAGE_LOAD of this ASPX page/
PrivatevoidPage_Load

Copy codeThe Code is as follows:
<% @ PagecontentType = "text/html; charset = gb2312" %>
<%
/
You can replace your own database connection classes.
/
%>
<Jsp: useBeanid = "db" scope = "page"/>

<%

StringsASPNetSessionID = request. getParameter;

// The connection pool is used to connect to the database. you can replace it with your own
StringsDBSourceName = "itbaby_dbpool ";
Db. dbConnOpen;

StringsSql = "selectuserid, powerfromiis_sessionwhereid = '" + sASPNetSessionID + "'";

// The Reader replaces the code used to read the result set.
Java. SQL. ResultSetrs = db. getRs;

If)

Rs. close;

Db. dbConnClose;

%>

Well, although it is not a good method, it can also be used to protect users' sensitive data.

I will continue to consider using serialization and deserialization to share Session objects between different WEB languages, instead of sharing Session values.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.