HttpSession 会话 ID 与 FlexSession ID 不同
我有一个通过 JSP 页面提供服务的 Flex 应用程序。在此页面中,加载页面时,我使用 HttpSession 输出会话 ID:
System.out.println("Session ID: " + session.getId());
在 BlazeDS 托管的一个非常简单的远程对象中(使用 AMF 通道和标准 RemoteObject 功能从 Flex 应用程序调用),我还输出会话 ID,但这次使用FlexSession(据我了解应该环绕 HttpSession)。
System.out.println("FlexSession ID: " + FlexContext.getFlexSession().getId());
我希望两个 ID 相同,但事实并非如此。会话 ID 不同,这会导致问题,因为 HttpSession 中存储有数据,我需要能够从 BlazeDS 中的远程对象访问这些数据。
我已经用尽了有关 BlazeDS 和 FlexClient/FlexSession/FlexContext 的阅读材料,但不明白为什么 FlexSession 没有链接到 HttpSession。任何指点都非常感激。
我觉得我一定错过了一些基本的东西,我是否正在访问
I have a Flex application which is served via a JSP page. In this page I output the session ID using HttpSession when the page is loaded:
System.out.println("Session ID: " + session.getId());
In a very simple remote object hosted in BlazeDS (called from the flex application using an AMF Channel and standard RemoteObject functionality) I also output the session ID but this time using FlexSession (which as I understand is supposed to wrap around HttpSession).
System.out.println("FlexSession ID: " + FlexContext.getFlexSession().getId());
I would expect both IDs to be the same but this is not the case. The session IDs differ which is causing problems as there is data stored in the HttpSession which I need to be able to access from my remote objects within BlazeDS.
I've exhausted the reading material on BlazeDS and FlexClient/FlexSession/FlexContext but can't see why the FlexSession is not being linked to the HttpSession. Any pointers greatly appreciated.
I feel I must be missing something fundemental here, am I accessing the
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我不认为它与 FlashPlayer 有关。更与 FlexSession 的概念以及 BlazeDS/LCDS 的工作原理相关。例如,即使不使用 http 通道,您也可以拥有活动会话 - 使用 NIO/RTMP 时,您将绕过应用程序服务器和 http 协议。因此,拥有一个具有各种实现的抽象类 FlexSession 是有意义的。
然而,当使用 BlazeDS FlexSession 时,它会在内部包装一个 HttpSession 对象,而removeAttribute/getAttribute/setAttribute 实际上是从 HttpSession 对象调用相同的方法。因此您可以访问 HttpSession 中的所有数据。如果没有,请提供更多详细信息。
但是,当使用 RTMP 通道时它将不起作用(顺便说一下,仅在 LCDS 中存在),在这种情况下您需要更改您的设计。
I do not think that it is related to the FlashPlayer..is more related to the concept of FlexSession and how BlazeDS/LCDS works. For example you can have an active session even when not using the http channels - when using NIO/RTMP you are bypassing the application server and the http protocol. So it make sense to have an abstract class FlexSession with various implementations.
However when using BlazeDS FlexSession will wrap an HttpSession object internally, and removeAttribute/getAttribute/setAttribute are in fact calling the the same methods from the HttpSession object..so you can access all the data from the HttpSession. If not please provide more details.
However, it will not work when using RTMP channels(which exists only in LCDS by the way), you need to change your design in this case.
感谢上面的两个答案,我终于找到了根本原因,并认为我应该在这里分享。
会话 ID 不同的原因是使用 SSL 进行身份验证以及使用 AMF 通道而不是安全 AMF。第一次使用该通道会导致创建一个新会话(因此具有不同的 ID),作为与站点的安全版本相关的现有会话。
愚蠢的配置错误,但值得传递 - 确保如果使用 SSL,您也使用安全 AMF 连接到安全端点,而不是标准 AMF,否则您将遇到我遇到的相同会话 ID 问题。
Thanks to both answers above I finally found the root cause and thought I'd share it on here.
The reason for differing session IDs was to do with the use of SSL for authentication and the use of AMF Channel rather than Secure AMF. Using the channel for the first time caused a new session to be created (hence the different ID) as the existing session related to the secure version of the site.
Silly configuration mistake but worth passing on - make sure that if using SSL that you're also using Secure AMF connecting to the secure endpoint rather than standard AMF or you'll run into the same session ID problems I faced.
不幸的是,这正是 Flash 播放器的工作原理。我已经多次看到同样的行为。
我发现的最佳解决方案是建立 HTTP 会话并传回会话 ID。在客户端,您可以将会话 ID 传递给 Flex 应用程序。然后,您将该 ID 从 Flash 发送到服务器并使用它来查找现有会话或建立第二个会话。
不过,您将需要执行类似的操作,我还没有找到一种方法来可靠地让 Flash 使用相同的会话。
Unfortunately this is just how the Flash player works. I have seen this same behavior many times.
The best solution I found was to establish the HTTP session and pass back the session ID. On the client side, you can then pass the session ID to the Flex application. You then send that ID from Flash to the server and use it to look up the existing session or establish a second session.
You will need to do something like this though, I have not been able to find a way to reliably get Flash to use the same session.