In the WEB system. We usually use the session to save some simple but very important information. For example, ASP. NET often uses session to save user login information, such as UserID. In order to solve the Web farm everyone adopted the session exists in DB, the session expires everyone generally adopt page jump, that is, login again, login and return to the page.
Personally think that the above design is not very good, for the Web farm, suppose we put the session db so the new can be slower than memory storage. Therefore, it is recommended to use distributed cache to access the session. I recommend using cookies for session expiration. In a large site session should be used with caution, after all, it occupies the contents of the server. A user session assumes 1k of space, then 100W users at the same time online session to occupy how much space. Once I put the userid directly into the cookie there will be a browser string cookie problem, for example, I use IE login use1, with FF login user2, found that the user information behind login will overwrite the value of the previous login user.
Back to find the session expired, but SessionID is still in, and the value in the cookie.
Implement code such as the following:
Core code:
String UserID
{
Get
{
if (session["UserID"]! = NULL)
{
return session["UserID"]. ToString ();
}
if (request.cookies[session.sessionid.tostring ()] = null)
{
string Cv=request.cookies[session.sessionid]. Value;
session["UserID"] = CV;
return CV;
}
return string. Empty;
}
Set
{
session["UserID"] = value;
string key = Session.SessionID.ToString ();
HttpCookie kc = new HttpCookie (key, value);
KC. HttpOnly = true;
Response.Cookies.Add (KC);
}
}
Public partial class WebForm1:System.Web.UI.Page {protected void Btnset_click (object sender, EventArgs e) {session["name"] = "Majiang"; This.lblSet.Text = "Session ID:" + Session.SessionID.ToString (); } protected void Btnget_click (object sender, EventArgs e) {labget.text = "session ID:" + Session . Sessionid.tostring (); if (session["name"] = null) {Labget.text + = "<br/>" + session["name"]. ToString (); }} dictionary<string, string> dict = new dictionary<string, string> (); protected void Page_Load (object sender, EventArgs e) {Dict. ADD ("1", "Majiang"); Dict. ADD ("2", "Gavin"); } string UserID {get {if (session["UserID"]! = null) { return session["UserID"]. ToString (); } if (RequeSt. Cookies[session.sessionid.tostring ()]! = null) {string cv=request. Cookies[session.sessionid]. Value; session["UserID"] = CV; return CV; } return string. Empty; } set {session["UserID"] = value; String key = Session.SessionID.ToString (); HttpCookie KC = new HttpCookie (key, value); Kc. HttpOnly = true; RESPONSE.COOKIES.ADD (KC); }} protected void Btnsetwithcookie_click (object sender, EventArgs e) {UserID = This.txtu SerID.Text.Trim (); This.labsetCookie.Text = Session.SessionID.ToString (); } protected void Btngetwithcookie_click (object sender, EventArgs e) {this.labGetCookie.Text = "S Ession ID: "+ Session.SessionID.ToString (); Labgetcookie.text + = "<br/>" +Dict[userid]. ToString (); } }
<%@ page language= "C #" autoeventwireup= "true" codebehind= "WebForm1.aspx.cs" inherits= "Sessiontest.webform1"%> <! DOCTYPE html>The effect of the implementation
Look at the HTTP request:
Large Web site NET session expires what do you do?