jsp and asp.net share the session value sample code

The idea is that in ASP.NET, the serialized Session is saved to the database in base 2, and then JSP reads the base 2 data in the database and deserializes it into Session object, and then forces the conversion into Session object. During the conversion at the end of JAVA, an error occurs, and the data found on the Internet cannot be solved, so a replacement method is adopted.

The idea of the replacement method:

In the login ASPX file, after the successful login, save the variable value in Session to a table in the database, use the SessionID of Session object of ES14en.NET for the keyword, then set up an ASPX file, get the SessionID of the current login user, and use the ES20en.NET redirect statement, go to the JSP file, the path format of the URL request is ES24en.jsp? aspnetsessionid = ffj12d455p0ujr45vdqwhh45, if ASP NET not logged in or log in is not successful, despite SessionID value, but the database is not the SessionID associated data may be some readers find, need not test. jsp? aspnetsessionid = ffj12d455p0ujr45vdqwhh45 such request path can be completed, yes, can use test. jsp? userid=1111 this way also pass the value, of course userid is by ASP. NET login success, the value obtained, but this way some users can know USERID this sensitive data.

Create a table

tablename:
iis_session
fieldname:
idvarchar-- store ASP.NET the SessionID
useridint-- Store the user number after successful login 
powerint-- Store the user's permission number 

// After successful login, the following will be available CODEING Put authentication on login ASPX In the page /
// record Sessionvalue To the database 
privatevoidWriteSession2DB
// When the user exits the system, the corresponding in the database SessionID the 1 Row data is deleted, can be placed on the exit page, or Global.asax the Session_END In the process of /
// Delete from the database Sessionvalue
privatevoidRemoveSession4DB

//1 Redirect to JSP the ASPX Page, in this one ASPX Of the page PAGE_LOAD Add the following code to /
privatevoidPage_Load

<%@pagecontentType="text/html;charset=gb2312"%>
<%
/
 Own database connection class that users can replace by themselves 
/
%>
<jsp:useBeanid="db"scope="page"/>
<%
StringsASPNetSessionID=request.getParameter;
// Using connection pooling to connect to the database, users can replace it with their own 
StringsDBSourceName="itbaby_dbpool";
db.dbConnOpen;
StringsSql="selectuserid . powerfromiis_sessionwhereid= ' "+sASPNetSessionID+" ' ";
// The reader replaces the code that reads the result set himself 
java.sql.ResultSetrs=db.getRs;
if)
rs.close;
db.dbConnClose;
%>

Well, it's not a very good method, but it can be used, and it also protects some sensitive data of the user

I will continue to consider using serialization and deserialization to share the Session object between different WEB languages instead of sharing the value of Session above