Introduction: After logging in in ASP.NET, JSP can use the value of the Session in ASP.Net. This topic has just begun. The idea of Baby (itbaby.jss.cn) is that the serialized Session in ASP.NET is saved to the database as binary data. Then JSP reads the binary data in the database and deserializes it into a Session
object
, and then forcibly converts it into a JAVA Session object. During the conversion on the JAVA side, an error occurred, and searching for information on the Internet could not solve it, so a method was used.Replacement method.
The idea of the replacement method:
In the logged-in ASPX file, after successful login, save the variable value in the Session to a table in the database. The keyword uses the SessionID of the Session object of ASP.NET, and then creates a ASPX file,
obtain
the SessionID of the currently logged in user, and use the ASP.NET redirect statement to go to the JSP file. The path format of the URL request is test.jsp?aspnetsessionid=ffj12d455p0ujr45vdqwhh45. IfASP.NET is not logged in or the login fails, Success. Although there is a value for SessionID, there is no data associated with the SessionID in the database.
Some readers may find that the request can be completed without using the request path such as test.jsp?aspnetsessionid=ffj12d455p0ujr45vdqwhh45. Yes, test.jsp can be used? Userid=1111
also
transfers values. Of course, userid is the value obtained after ASP.NET successfully logs in, but in this way some users can know the sensitive data of USERID (user number).
Create a table
table name:
iis_session
field name:
id varchar(26) --storage the SessionID of ASP.NET
userid int(4) – stores the user number after successful login
power int(4) --storage the user's permission number
ASP.NET program source code fragment:
/*After successful login, the following CODEING can be placed in the login verification ASPX page*/
//Record Session value to the database
private void WriteSession2DB(string sessionID,string sUID,string sPWR)
{
//Connect to the database code, readers can add it themselves
string sessID = sessionID;
string strSQL = "insert into iis_session(id,userid,power) values(@seionID,@UID,@PWR)";
//webmod.sqlConn is the connection object of the database, readers can replace it with their own database connection
SqlCommand sqlCmd = new SqlCommand(strSQL,webmod.sqlConn);
sqlCmd.Parameters.Add("@seionID",SqlDbType.VarChar).Value = sessID;
sqlCmd.Parameters.Add("@UID", SqlDbType.Int ).Value = Convert.ToInt32(sUID.Trim());
sqlCmd.Parameters.Add("@PWR", SqlDbType.Int).Value = Convert.ToInt32(sPWR.Trim());
sqlCmd.ExecuteNonQuery();
//Close the database connection, readers can add by themselves
}
/*When the user exits the system, delete a row of data corresponding to the SessionID in the database, which can be placed on the exit page or in the Session_END process of Global.asax*/
//Delete the Session value in the database
private void RemoveSession4DB()
{
//Connect to the database code, readers can add it themselves
string sessID = Session.SessionID;
string strSQL = "delete from iis_session where id='"+sessID+"'";
//webmod.sqlConn is the connection object of the database, and readers can replace it with their own database connection.
SqlCommand sqlCmd = new SqlCommand(strSQL,webmod.sqlConn);
sqlCmd.ExecuteNonQuery();
//Close the database connection and readers can add it by themselves
}
/*An ASPX page redirected to JSP, add the following code in PAGE_LOAD of this ASPX page*/
private void Page_Load(object sender, System.EventArgs e)
{
string strSessionID = Session.SessionID.Trim();
String strRoot = " http://localhost/test.jsp?aspnetsessionid="+strSessionID ;
Response.Redirect(strRoot,true);
}
JSP program source code snippet:
<%@ page contentType="text/html;charset=gb2312"%>
<%
/*
Own database connection class, users can replace it themselves
*/
%>
<jsp:useBean id="db" scope="page" class="com.itbaby.bean.dbx.database"/>
<%
String sASPNetSessionID=request.getParameter("aspnetsessionid");
//A connection pool connection is used Database, users can replace it with their own
String sDBSourceName="itbaby_dbpool";
db.dbConnOpen(sDBSourceName);
String sSql="select userid,power from iis_session where id='"+sASPNetSessionID+"'";
//Readers can replace the code for reading the result set by themselves
java.sql.ResultSet rs=db.getRs(sSql);
if(rs.next())
{
String sUID = rs.getString(1);
String sPower = rs.getString(2);
/*Read the corresponding SESSIONID value in the database and display it. If the ASP.NET SESSION times out, there will be no value*/
out.print("<H1>ASP.Net Session Value UserID = "+sUID+"</H1><br><br>");
out.print("<H1>ASP.Net Session Value Power = "+sPower+"</H1><br><br>");
}
rs.close();
db.dbConnClose();
%>
Okay, although it is not a very good method, it can be used, and it also protects some sensitive data of the user. I will continue to consider using serialization and deserialization. Ways to achieve sharing of Session objects between different WEB languages instead of the above, sharing of Session values