使用HttpModule在后台服务中访问Session
我正在尝试在 asp.net 中创建一个后台服务,它检查会话超时并将用户重定向到超时页面(而不是登录页面)。 我的代码是这样的
public class SessionTimeoutModule : IHttpModule
{
private static Timer timer;
//Test value
private const int interval = 1000 * 1 * 10;
public void Init( HttpApplication application )
{
if ( timer == null )
{
timer = new Timer( new TimerCallback( CheckSessionTimeout ),
application.Context, 0, interval );
}
}
private void CheckSessionTimeout( object sender )
{
HttpContext ctx = (HttpContext)sender;
if ( ctx.Session != null && ctx.Session.IsNewSession )
{
var cookie = ctx.Request.Headers["Cookie"];
if ( cookie != null )
{
if ( cookie.ToUpper().IndexOf( "ASP.NET_SESSIONID" ) >= 0 )
{
ctx.Response.Redirect( "" );
}
}
}
}
public void Dispose()
{
timer = null;
}
}
这里的问题是我无法在 CheckSessionTimeout 方法中获取会话值。 它始终为空。 怎样才能得到这里的Session。
我已经看过这个解决方案,但它没有帮助。
I am trying to create a background service in asp.net which checks for session timeouts and redirects the user to a timeout page ( not the login page ). My code is like this
public class SessionTimeoutModule : IHttpModule
{
private static Timer timer;
//Test value
private const int interval = 1000 * 1 * 10;
public void Init( HttpApplication application )
{
if ( timer == null )
{
timer = new Timer( new TimerCallback( CheckSessionTimeout ),
application.Context, 0, interval );
}
}
private void CheckSessionTimeout( object sender )
{
HttpContext ctx = (HttpContext)sender;
if ( ctx.Session != null && ctx.Session.IsNewSession )
{
var cookie = ctx.Request.Headers["Cookie"];
if ( cookie != null )
{
if ( cookie.ToUpper().IndexOf( "ASP.NET_SESSIONID" ) >= 0 )
{
ctx.Response.Redirect( "" );
}
}
}
}
public void Dispose()
{
timer = null;
}
}
The problem here is that i am not able to get the session value in the CheckSessionTimeout method. It is always null. How can get the Session here.
I have looked at this solution but it doesnt help.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
恐怕您走错了路。 您无法使用这样的 HttpModule 来实现后台服务。 您传递的 HttpContext 绑定到 HTTP 请求,我确信您不应该像您试图做的那样保留它。 此外,即使您可以检测到会话超时,也无法在没有活动请求的情况下将用户重定向到新页面。
您可能会发现这个线程很有帮助。
I'm afraid you are on the wrong track here. You cannot implement a background service using an HttpModule like this. The HttpContext you are passing around is bound to an HTTP request, and I'm quite sure you should not keep it around like you're trying to do. Also even if you could detect the session time-out, there would be no way to redirect the user to a new page without an active request.
You might find this thread helpful.
我认为这里存在一个逻辑错误,即使您修复了代码,您也永远不会结束会话。
如果你可以访问一个会话,它就会有一个sessionID。 您无法通过这种方式获得因超时而结束的会话。
也许你应该使用global.asax的session_end。 但我不确定这会有帮助。
另外在这里你可以看到,SessionID在Session.Abandon之前不会被替换。
I think there is a logical mistake here, even if you fix your code, you will never get an ended session.
if you can access to a session, it will have a sessionID. You can not get a session which ended by timeout by this way.
Maybe you should use global.asax's session_end. but I'm not sure it will help.
Also in here you can see, SessionID is not replaced until Session.Abandon.