Coldfusion会话 - CF如何识别连接/唯一客户端 [英] Coldfusion sessions - how exactly is CF identifying a connection / unique client
问题描述
Coldfusion会话 - CF如何识别连接/唯一客户端
在使用远程CFC进行挖掘后,我从Word VBA调用,我发现他们还设置会话。这让我思考和Googling(不成功)的解释只是如何CF区分不同的客户端。我以前认为这是一个浏览器cookie被设置为标识客户端,但在这里我通过一个word应用程序消费web服务,仍然获得会话变量和sessionID设置。
所以,如果我通过浏览器(chrome)加载和登录到我的应用程序,并打一个测试页面,我得到jsessionID = 123,如果我启动firefox和登录我得到一个不同的jsessionid = 234如预期。如果我使用Word VBA将远程cfc作为Web服务wsdl命中,我可以看到jsessionid = 345返回到VBA模块。如果我关闭Word并重新打开我的宏(包含对Web服务的登录请求)我得到一个新的jsessionID = 567
那么关于请求CF是什么
这是在VBA http调用中的同样的问题
Sub doHTTP()
Dim MyRequest As Object
Dim Val
httpString =http:// localhost:8888 / test。 cfm
设置MyRequest = CreateObject(WinHttp.WinHttpRequest.5.1)
MyRequest.OpenGET,httpString
'发送请求。
MyRequest.Send
MsgBox MyRequest.ResponseText
现在通过会话urltoken我们刚刚撤消了
MyRequest.Open GET,httpString& ?urltoken =& MyRequest.ResponseText
'重新发送一个请求,这次使用urltoken。
MyRequest.Send
'查看会话变量是否正确
MsgBox MyRequest.ResponseText
End Sub
<$ p $ <$ p <$ p> $ c>< cfif isdefined(URL.urltoken)>
< cfset session.urltoken =#URL.urltoken#>
< cfelse>
< cfset session.username =bob>
< / cfif>
< cfoutput> session.urltoken =#session.urltoken#< / cfoutput>< br>
< cfoutput> session.username =#session.username#< / cfoutput>< br>
< cfoutput> session.sessionID =#session.sessionID#< / cfoutput>
确定现在工作,有趣,我需要记住web服务或http调用不使用浏览器我需要在URL中手动传递sessionID。
当然会根据浏览器cookie维持会话。在第一次请求从浏览器服务器分配令牌,这将用于在会话连接请求的其余部分。如果浏览器cookie被禁用,那么你可能需要它通过CFID和CFTOKEN在URL中的每个请求和j2ee会话管理的情况下,你可能需要传递jsessionId(最好的方法是在每个请求中追加session.URLToken) p>
在word宏中,你会得到新的jsessionId,因为word可能没有cookie,并且不能保持连接,只是尝试在下一个Webservice调用中连接session.URLToken,你会得到所有的会话回来,甚至重新打开字后,甚至你可以尝试复制session.URLToken从chrome浏览器请求,并附加在firefox请求,你会得到相同的会话可用在Chrome(同样的事情将工作,如果你尝试从不同的计算机以及)。 / p>
故事的寓意是通过URL或Cookie,用于客户端和服务器之间的连接的CFID,CFTOKEN,JSessionId(在J2ee会话管理的情况下)的组合。 >
Coldfusion sessions - how exactly is CF identifying a connection / unique client
After doing some digging with remote CFCs I called from Word VBA I found they set sessions also. Which got me to thinking and Googling (unsuccessfully) for an explanation of just how CF does distinguish between different clients. I had previously assumed it was a browser cookie being set to identify the client, but then here I was consuming a web service through a word app and still getting the session variables and sessionID set.
So if I load and login to my app via browser (chrome) and hit a test page I get jsessionID = 123,If I fire up firefox and login I get a different jsessionid = 234 as expected. If I hit a remote cfc as a web service wsdl using Word VBA I can see jsessionid=345 returned to the VBA module. If I close Word and reopen my macro (containing a login request to the web service) I get a new jsessionID=567
So what is it about the request that CF is identifying and how does it persist the identification of the client?
This is the same issue in a VBA http call
Sub doHTTP()
Dim MyRequest As Object
Dim Val
httpString = "http://localhost:8888/test.cfm"
Set MyRequest = CreateObject("WinHttp.WinHttpRequest.5.1")
MyRequest.Open "GET", httpString
' Send Request.
MyRequest.Send
MsgBox MyRequest.ResponseText
'now pass in the session urltoken we have just retreived
MyRequest.Open "GET", httpString & "?urltoken=" & MyRequest.ResponseText
' resend a request, this time with the urltoken.
MyRequest.Send
'take a look and see if the session variables are correct
MsgBox MyRequest.ResponseText
End Sub
in a test.cfm
<cfif isdefined("URL.urltoken")>
<cfset session.urltoken="#URL.urltoken#">
<cfelse>
<cfset session.username="bob">
</cfif>
<cfoutput>session.urltoken="#session.urltoken#"</cfoutput><br>
<cfoutput>session.username="#session.username#"</cfoutput><br>
<cfoutput>session.sessionID="#session.sessionID#"</cfoutput>
OK that now works, interesting, I will need to remember for web service or http calls not using a browser I will need to pass the sessionID in the URL manually.
Definitely session maintained based on browser cookie. On first request from browser server assign token and this will used to make session connection in rest of the request. If browser cookies are disabled then you may need it pass CFID and CFTOKEN in URL for every request and in case of j2ee session management you may need to pass jsessionId as well (best way is to append session.URLToken in every request.)
In word macro you get new jsessionId because word may not have cookie and not able to persist connection but just try to concat session.URLToken in next Webservice call and you will get all your session back even after reopening word or even you can try copy session.URLToken from chrome browser request and append it in firefox request and you will get same session available in Chrome (same thing will work if you trying from different computer as well).
So moral of story is combination of CFID,CFTOKEN,JSessionId(in case of J2ee session management) use for connection between client and server either through URL or Cookie.
这篇关于Coldfusion会话 - CF如何识别连接/唯一客户端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
