Java - 如何在两个或多个Web应用程序之间共享会话？ [英] Java - How to share the session between two or more Web Application?

问题描述

我有两个网络应用程序。我将登录到一个Web应用程序，并将通过第一个应用程序的链接或重定向导航到另一个Web应用程序。最后，在完成Application 2中的一些步骤后，我将被重定向到Application one。我该如何实现呢？

I have two web Applications. I will login in to one Web Application and will navigate to another by links or redirection from the first Application. Lastly after completing some steps in Application two, I will be redirected to Application one. How can I implement this?

这里的应用程序2是通用的，我将有三个Application One实例，它们将与Application 2进行交互。

Here Application two is generic, and I will have three instances of Application One, which will interact with Application two.

请建议更好的方法。我必须使用spring和Spring Webflow来实现它。

Please suggest a better approach. I have to use spring and Spring Webflow to implement it.

推荐答案

从技术上讲，两个Web应用程序之间的会话（两个不同的WAR）<强>不能分享。这是设计用于安全原因。我想就您的问题提出以下意见和建议，

Technically, session between two web application (two different WARs) cannot be shared. This is by design and done for security reasons. I would like to make following comments and suggestions for your problem,

1. 通常使用会话ID 跟踪会话它通常作为cookie存储在服务器端的浏览器和Session对象上。


2. 当您发送请求时，此Cookie会在服务器端每次发送。


3. 将发送一个Cookie 仅到它来自的服务器。


4. 因此www.mysite.com/app1设置的cookie只会发送到www.mysite.com/app1并且不要访问www.mysite.com/app2。


5. 对于您的情况，要使用户会话在两个应用程序中有效，浏览器将需要从app1和app2设置两个cookie。


6. 一种方法是，当您使用java脚本登录app1时，也会向app2发送登录请求。当这两个请求成功返回时，您的浏览器将同时拥有两个应用程序的会话（app1和app2）


7. 现在注销将有自己的挑战，当您从app1注销时，您还需要从app2注销。从技术上讲，这意味着您需要清除这两个应用程序中设置的cookie。在Java脚本的帮助下，你可以做到这一点。

1. Session are generally tracked using an session ID which is generally stored as a cookie on the browser and Session object on the server side.
2. This cookie is sent server side every time when you send a request.
3. A cookie will be sent ONLY to the server where it came from.
4. So a cookie set by www.mysite.com/app1 will be sent only to www.mysite.com/app1 and not to www.mysite.com/app2.
5. For you case, for a user sessions to be valid across two application, the browser will need two cookies to be set from app1 and app2.
6. One way would be, when you login to app1 , using java script, also send a login request to app2. When both these request return successfully, your browser will have session for both the applications (app1 and app2)
7. Now logout will have its own challenges, when you logout from app1, you also need to logout from app2. Technically this means, you need to clear the cookies set from both of these applications. With little help from java script you can do this.

这篇关于Java - 如何在两个或多个Web应用程序之间共享会话？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！