Shulou(Shulou.com)06/03 Report--

This article is about how to configure the Session server. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

one。 Abstract

All Web programs use Session to save data. The problem of Session sharing in load balancing scenarios can be solved by using independent Session servers. This paper introduces several methods of establishing Session server under. Net platform, and introduces various experiences and skills in using Session.

two。 About Session,SessionID and Cookies

Session data is saved on the server, but each client needs to save a SessionID. SessionID is saved in Cookies and expires when the browser is closed.

SessionID is included in the HTTP request sent to the server, and the server obtains the Session information of this user according to SessionID.

Many junior developers do not know the relationship between SessionID and Cookies, so they often think that the two are not related. This is not correct. It is precisely because SessionID is stored in Cookies, so when we save Cookies, we must be careful not to cause SessionID objects because of the size and number of Cookies. In our program, there is a special treatment for the Cookies of SessionID:

The copy code is as follows:

/ / /

/ / write to cookie.

/ / /

/ / /

/ / /

Public bool SetCookie (int day)

{

String CookieName = GetType () .ToString ()

HttpCookie SessionCookie = null

/ / A pair of SessionId is backed up.

If (HttpContext.Current.Request.Cookies ["ASP.NET_SessionId"]! = null)

{

String SesssionId = HttpContext.Current.Request.Cookies ["ASP.NET_SessionId"] .Value.ToString ()

SessionCookie = new HttpCookie ("ASP.NET_SessionId")

SessionCookie.Value = SesssionId

} / omit the middle part of the code. Keep only the logic of backing up SessionID and retrieving SessionID

/ / if the total number of cookie exceeds 20, rewrite the ASP.NET_SessionId in case the Session is lost.

If (HttpContext.Current.Request.Cookies.Count > 20 & & SessionCookie! = null)

{

If (SessionCookie.Value! = string.Empty)

{

HttpContext.Current.Response.Cookies.Remove ("ASP.NET_SessionId")

HttpContext.Current.Response.Cookies.Add (SessionCookie)

}

}

Return true

}

three。 Several ways to build Session Server

Sharing Session among multiple Web servers can be realized by saving Session in a separate server. Although we can develop our own Session storage system, it will be more convenient to use the storage mechanism that comes with ASP.NET.

.net provides five ways to save Seission:

Method name

Storage mode performance

Off

Set to not use the Session feature

None

InProc

Set to store Session in the process, which is how it is stored in ASP, which is the default.

Highest performanc

StateServer

Set to store the Session in a separate state service. It is usually an aspnet_state.exe process.

Performance loss of 10-15%

SQLServer

Sets the Session to be stored in SQL Server.

Performance loss of 10-20%

Customer

Customized storage scheme

Determined by the way of implementation

We can configure the Session storage method used by the program in Web.Config. The default is InProc, which is saved in the IIS process. This article will not explain Off, InProc and Customer. Related articles can be found on the Internet.

The following is mainly about the application of StateServer and SQLServer.

four。 Using StateServer mode to build Session server

(1) Server-side configuration

1. Start the Asp.net State service service. The default state of this service is manual. Change to automatic and start.)

two。 Modify the registry: [HKEY_LOCAL_MACHINE\ SYSTEM\ ControlSet001\ Services\ aspnet_state\ Parameters]

Set AllowRemoteConnection = 1, set Port = 42424 (decimal, default is 42424)

Port is the port number of the service

AllowRemoteConnection indicates whether other machines are allowed to connect, 0 for local use only and 1 for use by other machines.

(2) client settings

In the Web.Config of Web application, we need to modify the node of /. If not,

Add if not (InProc is used by default)

The copy code is as follows:

We can modify the above parameters as needed.

five。 Using SqlServer mode to build Session server

(1) Server-side configuration

There are two ways to build a Session server using SqlServer mode. ASP.NET version 1. 0 and 1. 1, please use method a, 2. 0, that is, the above version, please use method b.

a. Create a Session database using a SQL file

This is the only way to use this method in ASP.NET versions 1.0 and 1.1. For version 2. 0 and above, use the aspnet_regsql.exe tool. (of course, this method is also available in version 2.0)

.net provides database installation scripts, which can be found in the windows folder of the machine:

C:\ WINDOWS\ Microsoft.NET\ Framework\ v2.0.50727\ InstallSqlState.sql

C:\ WINDOWS\ Microsoft.NET\ Framework\ v2.0.50727\ InstallSqlStateTemplate.sql

Depending on the version of ASP.NET, you need to use different SQL scripts. There are two main versions of ASP.NET, 1. 1 and 2. 0, which can be found in different version folders of SQL.

InstallSqlState.sql is the database "[ASPState]" that creates the default name. This SQL can be run directly.

InstallSqlStateTemplate.sql can save data using a database of its own. This SQL needs to be modified and run. Open the SQL file and replace [DatabaseNamePlaceHolder] with the database name you specified.

When executing installsqlstate.sql, you do not need to specify a database, you can execute it on any database. This SQL creates a new database on its own

b. Use the aspnet_regsql.exe tool

After ASP.NET 2.0, Microsoft provides aspnet_regsql.exe tools to easily configure Session database. The tool is located in the system root\ Microsoft.NET\ Framework\ version folder on the Web server.

Examples of use:

Aspnet_regsql.exe-S. -U sa-P 123456-ssadd-sstype p

-S parameter:

Represents the database instance name. You can use "." Represents the local machine.

-U and-P parameters:

Represents the user name and password.

-E parameter:

You can choose between-U-P and-E. -E means to log in to the database as the current system user through windows authentication, and-U-P uses the SqlServer user to log in to the database.

-ssadd /-ssremove parameter:

-ssadd means to add Session database, and-ssremove means to remove Session database.

Sstype parameters:

Option

Description

T

Store the session data in the SQL Server tempdb database. This is the default setting. If the session data is stored in the tempdb database, the session data will be lost when SQL Server is restarted.

P

Store session data in the ASPState database instead of the tempdb database.

C

Store session data in a custom database. If you specify the c option, you must also use the-d option to include the name of the custom database.

(2) Session client settings

This room also requires the Web application to modify the nodes in the Web.Config. If you use the default database (ASPState library), the configuration is as follows:

The copy code is as follows:

If you use a custom database name, you also need to develop the allowCustomSqlDatabase property and specify the database in the database connection string:

The copy code is as follows:

six。 Summary of experience and skills in use

The following is a summary of the experiences and techniques of SessionID, Session_End time, StatServer mode and SqlServer mode.

(1) StateServer mode:

1. In web farm, make sure that all web servers have the same

two。 Objects to be saved in Session are serializable.

3. In order to maintain the session state,IIS Metabase application path (such as\ LM\ W3SVC\ 2) on different web servers in web farm, it should be consistent (case-sensitive) on all servers.

4. ASP.NET processing Session is a HttpModuel module configured in Machine.Config. In the Config folder under the installation directory of .NET, view Web.Config (version 1.1 is in Machine.Config):

The copy code is as follows:

...

...

Confirm that this module exists.

5.StateServer does not support load balancing, so if SqlServer mode is recommended for large concurrency, you can enjoy the high performance and security of SqlServer. Although the storage efficiency will decline.

6. You need to make the MachineKey of all machines the same. Configure in Machine.Config:

The copy code is as follows:

(2) SqlServer mode:

1. Objects to be saved in Session are serializable.

two。 If the default database is used, the user of the database link string in the client configuration file needs to have dbowner permissions for both ASPState and tempdb libraries.

3. In SQLServer mode, session expiration is done by SQL Agent using a registration task, so make sure that SQL Agent is running. Otherwise, you can't clean up the expired Session data, which will cause the database data to increase all the time.

4. If you use SqlServer mode, the ASP.NET application path must be the same for each server in the Web farm. Synchronize the application path of the Web site for all Web servers in the Web farm in the Web configuration database. The case must be the same, because the application path of the Web site is case-sensitive.

5. You need to make the MachineKey of all machines the same. Configure in Machine.Config:

The copy code is as follows:

(3) Session:

1. You cannot share Session between ASP.NET and ASP directly through the Session server. Please use the solution provided by Microsoft:

Http://msdn.microsoft.com/zh-cn/library/aa479313.aspx

two。 Session cannot be shared between different applications or different virtual directories of a website

3. The expiration time of Session is sliding time.

4. Session stores the best performance of the value type that comes with .NET. Storing objects can degrade performance.

(4) SessionID:

1.SessionID can also be saved on URL. Just set the Cookiesless attribute of the System.Web/sessionState node in the Web.Config file:

The copy code is as follows:

two。 Generally, SessionID remains the same after Session timeout or deletion. Because the Session expires, the data is cleared on the server side, but the SessionID is saved on the user's browser, so the SessionID in the HTTP header remains unchanged as long as the browser is not closed.

3. If you close the browser and visit again, SessionID will be different.

4. Each time you open an IE6 window, the SessionID is different, and the Session of the two windows cannot be shared in IE6.

5.FireFox tabs and new FireFox windows, SessionID are the same, and Session can be shared on FF windows and tabs.

6. For pages that contain FrameSet, such as:

The copy code is as follows:

If the suffix name is .htm and the .htm file is not handed over to ASP.NET 's ISAPI, then a different SessionID is generated on each Frame page according to the server speed, and the same after refresh is equal to the last SessionID.

The solution is to change the .htm suffix to .aspx, or give the .htm file to ASP.NET 's ISAPI for processing.

(5) Session_End event:

1. Session_End is only available in InProc mode

two。 Close the browser and Session_End will not be triggered. HTTP is a stateless protocol, and the server has no way to know if your browser is closed.

3. When Session expires or calls Session.Abandon, Session_End triggers. Session. Clear () only clears the data, but does not delete the session.

4. Session_End is triggered by a background thread and runs under the worker process account. So the program will not notify the error that occurred.

5. Access to the database in Session_End should be considered. Session_End is run under the account that runs the worker process (aspnet_wp.exe), which can be specified in machine.config. Therefore, in Session_End, if you use integrity security to connect to SQL, it will connect using the worker process account, which may cause login failures.

6. Because Session_End starts with independent threads, you can't use HttpContext objects in Session_End (Request,Response,Server and other objects are all in HttpContext), that is, you can't use Response.Redirect and Server.Transfer methods.

Thank you for reading! This is the end of the article on "how to configure the Session server". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.