如何IIS承认.NET不同的会议? [英] How does IIS recognize different sessions in .NET?
问题描述
假设我已经登录到这是从 IIS 运行的应用程序。现在,我还没有注销,但关闭浏览器。而当我再次访问该应用程序,则默认为登录页面。如何IIS承认,这是一个新的请求和用户的登录页面重定向?
Suppose I have logged into an application which is running from IIS. Now I haven't logged out, but closed the browser. And when I'm accessing the application again, it defaults to the login page. How does IIS recognize that it is a new request and redirects the user to the login page?
我还有一个问题。假设如果我不关闭浏览器,当我登录,我用。我打开新的浏览器从同一个应用程序请求一个页面。 IIS认识到它的应用程序的新请求,并在用户登录页面重定向。为什么它不使用现有会话或饼干其中第一个浏览器使用?
I have another question. Suppose if I'm not closing the browser, which I used when I logged in. I'm opening the new browser to request a page from same application. IIS recognizes that it's a new request to the application and redirects the user to login page. Why does it not use the existing session or cookies which the first browser uses?
请不要激怒我连续的问题...我有巨大的混乱。
我们说 HTTP 是一种无状态协议。一旦页面被请求我已经登陆,而HTTP协议连接将IIS和浏览器之间的终止,对不对?然后,我浏览到其他页面中,在应用程序记录下来。现在,IIS识别用户已登录在此浏览器。但是,当我打开一个新的浏览器,并要求该应用程序,如何识别IIS它是一个新的要求?由于HTTP协议断开,它是如何在第一种情况下工作的?
Please don't get irritated of my continuous questions... I am having huge confusion. We say HTTP is a stateless protocol. Once the page is requested I have logged in. And the HTTP protocol connection will be terminated between IIS and browser, right? Then I am navigating to other pages in that logged in application. Now IIS recognises the user has logged in on this browser. But when I open a new browser and request that application, how does IIS recognises it is a new request? Since the HTTP protocol is disconnected, how does it work in the first case?
推荐答案
正如你说正确,HTTP本身是无状态的,并且每个请求是从每一个其它技术上的独立。会话,13759网站,是一个解决方法。会发生什么事,通常是,无论信息它关心的服务器存储维护(如登录用户的用户名或ID,例如),并分配信息的ID。然后,它告诉ID,在这样一种方式,浏览器就可以到手的ID回来时,它的时间来使另一个请求的浏览器。如果浏览器正常工作,然后将这些信息可以检索,更新等每个请求,甚至在无状态协议,提供一定程度的状态。
As you've correctly said, HTTP itself is stateless, and each request is technically separate from every other. Sessions, as used by web sites, are a workaround for that. What happens, normally, is that the server stores whatever info it cares to maintain (like the logged-in user's username or ID, for example), and assigns that information an ID. It then tells the browser that ID, in such a way that the browser can hand the ID back when it's time to make another request. If the browser works as expected, then that information can be retrieved, updated, etc with each request, providing some degree of state even over a stateless protocol.
会话使用Cookie,通常可以实现的。也就是说,服务器先将浏览器会话ID的cookie,浏览器手中回来的每个请求相同的cookie,直到Cookie过期或以其他方式遗忘。一些饼干(所谓的会话cookie)不会被保存,并在浏览器关闭时都忘了。刚刚打开的浏览器没有一个会话cookie来传递,所以,如果服务器使用会话cookie做会议(应该),它将考虑用户尚未登陆,并反弹到登录页面,如果他们需要先登录。
Sessions are usually implemented using cookies. That is, the server hands the browser a cookie with the session ID, and the browser hands back that same cookie with each request until the cookie expires or is otherwise forgotten. Some cookies (so-called "session cookies") aren't saved, and are forgotten when the browser is closed. A freshly opened browser doesn't have a session cookie to pass, so if the server uses session cookies to do sessions (which it should), it will consider the user not yet logged in and bounce them to the login page if they need to be logged in.
会话cookie通常会被标签之间在同一浏览器共用,有时甚至通过文件>新建窗口,从已经运行的浏览器打开的窗口共享,因为无论这些案件将只是其中的一部分浏览器。但是,如果你开始从开始菜单中的浏览器,但是还是你的操作系统可以让你启动一个程序,这是一个整体的其他过程 - 而会话cookie进程间共享很少
Session cookies will usually be shared between tabs in the same browser, and will sometimes even be shared by windows opened by "File > New Window" from an already running browser, because both of those cases will just be a part of that browser. But if you start the browser from the Start menu, or however your OS lets you start a program, it's a whole other process -- and session cookies are rarely shared between processes.
服务器通常还跟踪会话的在其端部在有限的时间(其可以是几分钟或数年,这取决于在服务器和/或站点的设置)来使用的会话的最后一个请求之后。如果浏览器通过对应于会话的服务器不再记得一个cookie,它会表现的好像没有会话的。其中,在那里你必须登录的情况下,将再次反弹到登录页面。
The server usually also keeps track of sessions on its end for a limited time (which may be a few minutes or years, depending on the server and/or site settings) after the last request that used the session. If the browser passes a cookie that corresponds to a session the server no longer remembers, it'll act as if there's no session at all. Which, in cases where you have to log in, will again bounce to the login page.
这篇关于如何IIS承认.NET不同的会议?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
