ASP.NET大师:什么是使用Session变量的优点/缺点是什么? [英] ASP.NET Masters: What are the advantages / disadvantages of using Session variables?
问题描述
我已经做了关于这个问题的一个搜索已经,并且有超过发现了同样的数据和over--三种不同类型的会话进行审查。 (是InProc,SQL的StateServer)然而,我的问题是不同性质的。
I've done a search on this subject already, and have found the same data over and over-- a review of the three different types of sessions. (InProc, Sql, StateServer) However, my question is of a different nature.
具体来说,什么是使用内置的.NET会摆在首位的优势/劣势?
Specifically, what is the advantages/disadvantages of using the built in .NET session in the first place?
这是为什么我问:一位同行的.NET开发人员告诉我永远不要使用内置的微软会议。一点也不。甚至没有创建一个自定义会话状态提供程序。他对这种推理是以下 - 如果你有会话在IIS中打开它使同步您所有的请求的发生。他说,启用会话降低Web服务器的性能。
Here is why I am asking: A fellow .NET developer has told me to NEVER use the built in Microsoft Session. Not at all. Not even create a custom Session State Provider. His reasoning for this is the following--that if you have the Session turned on in IIS it makes all of your requests happen synchronously. He says that enabling session degrades the performance of a web server.
他的解决方案是创建一个会话yourself--存储你需要的所有值和进出数据库的序列化的类。他建议你存储的唯一ID在cookie或查询字符串变量引用这一点。在我们的环境中,使用DB来存储会话是一个要求,因为所有我们做的网页是在Web场,而我们使用Oracle--所以我同意的那部分。
His solution to this is to create a session yourself-- a class that stores all values you need and is serialized in and out of the database. He advises that you store the unique ID to reference this in a cookie or a querystring variable. In our environment, using a DB to store the sessions is a requirement because all the pages we make are on web farms, and we use Oracle-- so I agree with that part.
是否使用内置的会话降低性能比自制的会议吗?是否有任何安全问题与此?
Does using the built in Session degrade performance more than a home-built Session? Are there any security concerns with this?
因此,要总结这一切,有什么优势/劣势?
So to sum it all up, what are the advantages/disadvantages?
感谢所有谁回答!
推荐答案
首先,浏览器只会让两个请求,一个给定的主机名,在给定的时间。在大多数情况下这些请求是静态内容(JS文件,CSS等)。因此,请求动态内容的序列化几乎没有一个会想到的问题。另外,我想这可能与传统的ASP,其中使用会话页面都绝对序列化所迷惑,我不相信这是与ASP.Net的情况。
First, a browser will only make two requests, to a given hostname, at a given time. For the most part these requests are for static content (JS files, CSS, etc). So, the serializing of requests to dynamic content aren't nearly the issue that one might think. Also, I think this may be confused with Classic ASP, where pages that use Session are definitely serialized, I don't believe this is the case with ASP.Net.
使用ASP.Net会话状态(SQL模式,状态服务器或自定义),你必须是标准的实现,并在整个应用程序一致。如果你不需要共享会话信息,这是你最好的选择。如果你需要与其他应用环境(PHP,秋千/ java的,传统的ASP等),也可能是值得考虑的信息。
With ASP.Net session state (SQL mode, state server, or custom) you have an implementation that is standard, and consistent throughout an application. If you don't need to share session information this is your best bet. If you need to share information with other application environments (php, swing/java, classic asp, etc.) it may be worth considering.
另一个优势/劣势是,已经有很多开发人员专注于为与性能有关的课程内置方法,并设计了滚动您自己,即使有不同的供应商。
Another advantage/disadvantage is that there has been a lot of developer focus on the built-in methodology for sessions with regards to performance, and design over rolling your own, even with a different provider.
这篇关于ASP.NET大师:什么是使用Session变量的优点/缺点是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
