我应该怎么办？如果我想保持HTTP和HTTPS之间的会话 - Asp.Net [英] What should I do If I want to maintain session between HTTP and HTTPS - Asp.Net

问题描述

我应该怎么做，如果我想保持HTTP和HTTPS ..之间的会话在我的网站的公共区域的某些网页的HTTP，有些是HTTPS，但我想保持普通会话为..

What should I do If I want to maintain session between HTTP and HTTPS.. In my site's public area some pages are HTTP and some are HTTPS but I want to keep common session for both..

推荐答案

在您的用户通过身份验证，他们将继续，直到它过期，他们是否访问以HTTP或HTTPS页面具有相同的会话cookie。请确保您正在使用您的会话Cookie加密，使其更难，如果你路过它在一个不安全的协议破裂。你可能想看看在更多信息，会话劫持维基百科的文章。

Once your user's have authenticated they will continue to have the same session cookie until it expires whether they are accessing pages with HTTP or HTTPS. Make sure that you are using encryption on your session cookie to make it more difficult to crack if you are passing it over an insecure protocol. You might want to look at the wikipedia article on session hijacking for more information.

这篇关于我应该怎么办？如果我想保持HTTP和HTTPS之间的会话 - Asp.Net的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！