跨子域共享会话和会话ID (MVC 3)
这两天拼命寻找解决方案,但所有轨迹都没有定论。
我有一个包含 A.mysite.com 和 B.mysite.com 等子域的网站, 我需要在所有子域和域之间共享会话。
我准确地说,问题不在于在不同服务器之间具有持久性,而是在同一应用程序中保持子域之间的会话处于活动状态。
任何想法都会非常感激。
I tried desperately to find a solution for these two days, but all the tracks have not been conclusive.
I have a website with subdomains like A.mysite.com and B.mysite.com,
And I need to share the session between all the subdomain and the domain.
I precise, the issue is not to have persistance across differents servers but in the same application keep the session alive between subdomains.
Any ideas will be really appreciated.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为此,您可以利用会话状态服务器设施中的构建。
它的作用是允许您将网站指向 SQL Server 数据库,以便持久保存会话状态而不是内存。所有服务器都可以通过像平常一样使用会话来无缝地使用相同的功能到您的网站。
只需更改 web.config 文件,并使用 aspnet_regsql.exe 工具来设置数据库设施。
要使用 aspnet_regsql.exe 设置数据库,命令行参数如下;
-S 指定要在其中存储会话状态的 SQL 服务器的 IP 地址或名称。
-U 指定连接到 SQL Server 时要使用的用户 ID
-P 指定连接到 SQL Server 时要使用的密码
-E 表示连接到 SQL Server 时要使用集成安全性
-ssadd 添加对SQLServer 模式会话状态
-ssremove 删除对 SQLServer 模式会话状态的支持
-sstype 会话状态支持的类型。此选项可以是:
t 表示临时存储
p 表示持久存储
c 表示自定义存储
-d 要使用的自定义数据库的名称(如果 -sstype 开关为“c”)
您可以使用以下语法更新 web.config 文件;
这里有几篇关于如何实现这一目标的好文章。
http://idunno.org/articles/277.aspx
http://support.microsoft.com/kb/317604
http:// /www.developer.com/net/asp/article.php/3595766/Storing-Session-State-in-a-SQL-Server-Database.htm
由于您的主要问题是确保两个子域中的 SessionID 是相同的,我认为这里是全局 Application_PreRequestHandlerExecute 事件。您可以检查子域 A 中的会话 cookie 是否存在,并将子域 B 中的 ID 设置为相同的 ID。
请参阅此处的帖子;
http://www.know24.net/blog/ASPNET +会话+状态+Cookies+And+Subdomains.aspx
You can leverage the build in Session State Server facilities for this.
What this does is allow you to point the web sites to a sql server database in order to persist your session state as opposed to memory. All servers can utilize the same facility seamlessly to your a websites by using session just like you do normally.
There is only a web.config file change, and using aspnet_regsql.exe tool to set up the database facilities.
To set up the database with aspnet_regsql.exe the command line args are as followed;
-S Species the IP address or the name of SQL server in which you want to store the session state.
-U Specifies the user ID to be used when connecting to the SQL Server
-P Specifies the password to be used when connecting to the SQL Server
-E Indicates that you want to use integrated security when connecting to the SQL Server
-ssadd Adds support for the SQLServer mode session state
-ssremove Removes support for the SQLServer mode session state
-sstype Type of session state support. This option can be:
t for temporary storage
p for persistent storage
c for custom storage
-d The name of the custom database to use if -sstype switch is "c"
You would update your web.config file with the following syntax;
Here is a couple of good articles on how to accomplish this.
http://idunno.org/articles/277.aspx
http://support.microsoft.com/kb/317604
http://www.developer.com/net/asp/article.php/3595766/Storing-Session-State-in-a-SQL-Server-Database.htm
Since your main problem is assuring that the SessionID is the same in both subdomains, I think your in here is the global Application_PreRequestHandlerExecute event. You can check for the existence of the Session cookie from subdomain A, and set the ID in subdomain for B to the same ID.
See post here;
http://www.know24.net/blog/ASPNET+Session+State+Cookies+And+Subdomains.aspx