状态服务器会话 - 跨应用程序域?
当使用状态服务器进行会话时,会话仍然是特定于 appDomain 的吗?例如,我在一台 Web 服务器上有两个不同的 IIS 应用程序(虚拟目录),它们都指向一个会话状态服务器。来自 cookie 的会话 guid 在来自两个应用程序的请求中将是相同的,那么同一个会话是否可以跨这两个应用程序访问?谢谢。
When using a State server for session, are sessions still appDomain specific? So for example, I have two different IIS applications(virtual directories) on a web server, and they both point to one state server for session. The session guid from the cookie will be the same across requests from both applications, so will the same session be accessible across both of these applications? Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
正如 @ntziolis 在他的回答中提到的,以及 @Aristos 在他的评论中提到的,会话基于应用程序名称和会话 cookie 的组合。如果应用程序名称相同并且会话 cookie 值相同,您就可以让它工作(就像我刚才所做的那样)。
为了使应用程序名称相同,我使用了 此解决方案来自使用反射的SO:
我将其添加到(我的每个站点的)两个 Global.asax 文件中。
要使会话cookie相同,cookie不能因为路径或域而无效。如果您在同一个站点下有两个虚拟目录,则您可以使用 cookie 的路径和路径。域问题。
除非您在 web.config 文件中添加显式代码,否则默认情况下会话 cookie 的名称和计算机密钥也将相同。如果没有,您需要确保您的
已显式设置并且在两个应用程序之间相同,并且
是显式设置的,并且在两个应用程序之间是相同的:
中的cookieName
值相同。 sessionState>这对我有用 - 我能够为此启动一个概念验证网站。
As @ntziolis mentioned in his answer, and @Aristos mentioned in his comment, the session is based on a combination of the application name and the session cookie. You can get it to work (as I just did) if the application name is the same and the session cookie value is the same.
To get the application name to be the same, I used this solution from SO that uses reflection:
I added that to both Global.asax files (of each of my sites).
To get the session cookie to be the same, the cookie cannot be invalid due to the path or the domain. If you have two virtual directories under the same site, you are fine on the cookie's path & domain issue.
Unless you added explicit code to your web.config file, the session cookie's name and machine key would also be the same by default. If not, you would need to make sure your
<machineKey>
is explicitly set and the same between the two applications, and the value forcookieName
in<sessionState>
is explicitly set and the same between the two applications:That worked for me - I was able to spin up a proof-of-concept web site for this.
问题是不是 appDomain,而是应用程序名称(在 web.config 中)。只要应用程序名称相同,您就应该能够共享会话状态。
对于不同的应用程序名称,请检查 此处。
The issue is not the appDomain but the application name (in the web.config). As long as the application name is the same you should be able to share session state.
For different application names check here.