由于客户端登陆信息保存在服务器的Session中,若在Session未发现指定的信息则向客户端提示用户未登陆,而所有的操作均是在WebService中。现在面临一个问题,若客户端是浏器则没有任何问题,但在其他客户端访问时,有些会每次访问时在服务器端都是都是不同的Session,就造成了用户未登陆现象。请问一下客户端需要提交哪些信息才能让服务器识别为同一Session,是否是需要提交Cookie?又是如何提交的。先谢了!
解决方案 »
- 安装Microsoft Visual Studio 2010 找不到CurrentSettings.vssettings文件
- 查询10W条以上的数据,怎样用多线程处理?求代码,求代码~~~~~
- 关于CSS文件的问题!!!
- 浏览器后退,不允许用户操作,解决一半
- 10000元求手机视频网站解决方案
- SqlDataAdapter创建实例的时候取回数据还是调用fill()方法的时候取回呢?
- 关于影院系统
- datagrid控件中FooterTemplate下控件的隐藏问题
- 我在DataGrid的表格里面一行放了两个linkButton,怎么在事件里区分这两个linkButton??也就是说在事件中怎么判断linkButton的名称?
- 关于ispostback
- 求助 奇怪的问题 为什么一个站点不同的目录请求会出现301
- 有关xss攻击,html事件中加入特殊编码还会执行吗
每次操作前比对sessionID 如果不相同 就将上一个sessionID标记为过期
被标记为过期的SESSIONID 用户在操作时 被T下线
前端调用服务的类
/// <summary>
/// 登录验证类
/// </summary>
public class LoginSecurityHandler
{
private static string CookieName = "UserCookie";
#region 构造器 private LoginSecurityHandler() { } #endregion #region 保存Cookies /// <summary>
/// 保存Cookies
/// </summary>
/// <param name="CookieName"></param>
/// <param name="ticket"></param>
public static void SaveCookie(FormsAuthenticationTicket ticket)
{
HttpCookie cookie = new HttpCookie(CookieName); // cookie的名称.
cookie.Domain = FormsAuthentication.CookieDomain;
cookie.Expires = ticket.Expiration;
cookie.Path = FormsAuthentication.FormsCookiePath;
cookie.Name = CookieName;
cookie.Values.Add("Expires", ticket.Expiration.ToString());
cookie.Values.Add("User", ticket.UserData); if (HttpContext.Current.Response.Cookies[CookieName] != null)
HttpContext.Current.Response.Cookies.Remove(CookieName);
System.Web.HttpContext.Current.Response.Cookies.Add(cookie);
//Response.Cookies.Add(cookie);
} /// <summary>
/// 从Cookie中获取用户名
/// </summary>
/// <param name="CookieName"></param>
public static string GetCookieValue()
{
try
{
HttpCookie oCookie = System.Web.HttpContext.Current.Request.Cookies[CookieName];
if (oCookie == null)
{
//没有登录
return "";
}
else
{
oCookie.Expires = Convert.ToDateTime(oCookie.Values["Expires"]);
return oCookie.Values["User"].ToString();
}
}
catch (Exception ex)
{
throw new DuplicateCustomerException("获取Cookie失败,请重新登录!", ex);
} } #endregion #region 判断用户是否已经登录
/// <summary>
/// 判断用户是否已经登录
/// </summary>
/// <param name="CookieName"></param>
public static bool LoginCheckCookie()
{
try
{
HttpCookie oCookie = System.Web.HttpContext.Current.Request.Cookies[CookieName];
if ((oCookie == null) || (Convert.ToDateTime(oCookie.Values["Expires"]) < DateTime.Now))
{
//没有登录
return false;
}
else
{
oCookie.Expires = Convert.ToDateTime(oCookie.Values["Expires"]);
return true;
}
}
catch (Exception ex)
{
throw new DuplicateCustomerException("登录检测失败!", ex);
} }
#endregion /// <summary>
/// 清除Cookies
/// </summary>
/// <param name="CookieName"></param>
/// <param name="ticket"></param>
public static void ClearCookie()
{
try
{ HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies[CookieName];
if (cookie != null)
{
cookie.Values.Clear();
SetUserCookieExpireTime(CookieName, -999);
cookie.Domain = FormsAuthentication.CookieDomain;
System.Web.HttpContext.Current.Response.Cookies.Set(cookie);
} }
catch (Exception ex)
{
throw new DuplicateCustomerException("清除Cookie失败!", ex);
} } public static void SetUserCookieExpireTime(string key, int days)
{
System.Web.HttpContext.Current.Response.Cookies[key].Domain = FormsAuthentication.CookieDomain;
System.Web.HttpContext.Current.Response.Cookies[key].Path = "/";
System.Web.HttpContext.Current.Response.Cookies[key].Expires = DateTime.Now.AddDays(days);
} }
#region 自定义异常提示类
public class CustomException : ApplicationException
{
public CustomException()
{ } public CustomException(string message, Exception inner)
: base(message, inner)
{ }
} public class DuplicateCustomerException : CustomException
{
public DuplicateCustomerException()
{ } public DuplicateCustomerException(string message, Exception inner)
: base(message, inner)
{ }
}
#endregion------------------
Web.config 要加上
<authentication mode="Forms" >
<forms loginUrl="Login.aspx" domain="xxx.com"></forms>
</authentication>
-----------------
Login.aspx.cs
//判断是否已经登录
//CheckUserLogin();
//已登录为true 未登录为 false
try
{
if (LoginSecurityHandler.LoginCheckCookie())
{
System.Web.HttpContext.Current.Response.Redirect("sss.aspx", false);
}
}
catch (Exception ex)
{
ScriptManager.RegisterStartupScript(this.Page, typeof(Page), "Ex Failed", "alert('" + ex.Message + "!');", true);
}
-----------------------
WCF服务类
这个里面的代码比较多
for(int i=0;i<Session.Count;i++)//判断Session["NO"]是否存在
{
if(Session.Keys.Get(i).CompareTo("NO")==0)
strNO=Session["NO"].ToString();
}
或者用
Session["NO"]==null来判断地说。多谢~~~~ 提醒