Shared session value between JSP and ASP.net

Asp.net|js|session

Introduction: ASP. NET, the JSP can use the value of the session in ASP.net
This topic has just begun, baby (itbaby.jss.cn) The idea is to asp.net the serialization session in binary data to the database, and then read the database from the JSP binary data deserialized into session pairs

Like, and then forced into the Java session object, in the Java side of the conversion, there are errors, find the information on the Internet has not been able to solve, so the use of a replacement method.

Way of thinking of the replacement:

In the ASPX file that is logged in, the value of the variable in the session is saved to a table in the database, the keyword uses the sessionid of the ASP.net session object, and then an ASPX file is created, taking

Get the current logged-in user's SessionID, and use the ASP.net redirect statement, go to the JSP file, the URL request path format for test.jsp?aspnetsessionid=ffj12d455p0ujr45vdqwhh45, if

Asp. NET is not logged in or unsuccessful, although there is a SessionID value, but there is no data associated with the SessionID in the database

Some readers may find that the path of such a request can also be completed without test.jsp?aspnetsessionid=ffj12d455p0ujr45vdqwhh45, yes, you can use test.jsp?userid=1111

The formula also passes the value, of course userid is the value obtained after the successful landing of ASP.net, but so some users can know the sensitive data of userid (user number).


Create a table
Table Name:
Iis_session
Field Name:
ID varchar (26)--Storage of ASP.net SessionID
UserID Int (4)--the user number that holds the successful login
Power Int (4)--The user's permission number


Asp. NET program Source fragment:

/* Login is successful, the following codeing can be placed on the authenticated ASPX page of the login * *

Record session value to database
private void Writesession2db (string sessionid,string suid,string SPWR)
{
Connect the database code, the reader adds itself
string sessid = SessionID;
String strSQL = "INSERT into iis_session (id,userid,power) VALUES (@seionID, @UID, @PWR)";

Webmod.sqlconn is the database connection object, the reader replaces itself with the database connection
SqlCommand SQLCMD = new SqlCommand (strsql,webmod.sqlconn);
SQLCMD.PARAMETERS.ADD ("@seionID", SqlDbType.VarChar). Value = Sessid;
SQLCMD.PARAMETERS.ADD ("@UID", SqlDbType.Int). Value = Convert.ToInt32 (Suid.trim ());
SQLCMD.PARAMETERS.ADD ("@PWR", SqlDbType.Int). Value = Convert.ToInt32 (Spwr.trim ());
Sqlcmd.executenonquery ();
Close the database connection and add the reader yourself

}



/* When the user exits the system, the database in the corresponding SessionID row of data deleted, can be placed in the Exit page, or global.asax session_end process * *

Delete Session value in the database
private void Removesession4db ()
{
Connect the database code, the reader adds itself
string sessid = Session.SessionID;
String strSQL = "Delete from iis_session where id= '" +sessid+ "";

Webmod.sqlconn is the database connection object, the reader replaces itself with the database connection
SqlCommand SQLCMD = new SqlCommand (strsql,webmod.sqlconn);
Sqlcmd.executenonquery ();
Close the database connection and add the reader yourself
}


/* An ASPX page redirected to JSP, add the following code to the Page_Load of this aspx page * *
private void Page_Load (object sender, System.EventArgs e)
{
String Strsessionid = Session.SessionID.Trim ();
String strroot = "http://localhost/test.jsp?aspnetsessionid=" +strsessionid;
Response.Redirect (strroot,true);
}



JSP Program Source fragment:
<%@ page contenttype= "text/html;charset=gb2312"%>
<%
/*
Their own database connection classes, users can replace their own
*/
%>
<jsp:usebean id= "db" scope= "page" class= "Com.itbaby.bean.dbx.database"/>

<%

String saspnetsessionid=request.getparameter ("Aspnetsessionid");

Using the connection pool connection database, users can replace their own
String sdbsourcename= "Itbaby_dbpool";
Db.dbconnopen (Sdbsourcename);

String ssql= "Select Userid,power from iis_session where id= '" +saspnetsessionid+ "";

Readers themselves replace the code that reads the result set
Java.sql.ResultSet rs=db.getrs (sSQL);

if (Rs.next ())
{

String SUID = rs.getstring (1);
String spower = rs.getstring (2);

/* Read the corresponding SessionID value in the database and show that if asp.net session times out, there will be no value * *
Out.print ("Out.print ("
}
Rs.close ();

Db.dbconnclose ();

%>

Well, although not a good method, but also can be used, but also protects the user's some sensitive data
I will continue to consider using serialization and deserialization to share session objects between different Web languages instead of the above, shared session values