Analysis of session implementation in ASP.NET [1] session establishment process

xiaoxiao2021-03-06  101

http://www.blogcn.com/user8/flier_lu/index.html?id=3183314

The HTTP protocol can achieve such a large success, its design achieved simple and stateless connection high efficiency is very important. In order to achieve a balance between the stateless HTTP request and the stateful client operation, the concept of server-side session is generated. When the client is connected to the server, the web server generates and maintains a session of a client; when the client is connected to the server again through the stateless HTTP protocol, the server is submitted according to the client, such as the cookie or URL parameter, Associate customers on a session. This idea is applied in a variety of development language and development environments. In ASP.NET, web applications and session status are maintained separately, and the web applications and sessions are separated by HTTPApplication and HttpSessionState. Application layer logic is implemented in the global.asax file, and the runtime is compiled into an instance of system.Web.httpApplication; the session is used as a separate system.Web.SessionState.httpSessionState instance, and the server is unified for each user session, through the ASP The session property of the .NET page compiled system.Web.ui.page object subclass. About different hierarchical relationships in ASP.NET, I can refer to my previous article. ASP.NET When processing client request, first generate a system.Web.httpContext object according to the client environment, and transmit this object as a page execution code to the later page. In the analysis of [Wen 1], we can see that HTTPRuntime constructs the HTTPContext object before processing the page request, constructs the HTTPCONTEXT object, and obtains the available application from the application pool as parameters as parameters. The brief code is as follows:

The following program code is: private void HttpRuntime.ProcessRequestInternal (HttpWorkerRequest wr) {// HTTP call context object configured HttpContext ctxt = new HttpContext (wr, 0); // ... // get the current instance of the Web application IHttpHandler handler = Httpapplicationfactory.getApplicationInstance (CTXT); // Call the Handler actual handling page request}

The HTTPApplicationFactory factory maintains an available application instance buffer pool, and users reduce the load of the application object constructor.

If there is no available application object instance in the pool, this object factory will eventually call the System.Web.httPruntime.createnonpublicInstance method to construct a new application instance and call its Initinternal method to initialize. Detailed step analysis see [Wen 1]

The following is program code: internal static httphandler httpapplicationFactory.GetApplicationInstance (httpContext CTXT) {// Processing Custom Application // ... // Decision Requirements The current httpApplicationFactory instance //. // Get the Web application .. examples return HttpApplicationFactory._theApplicationFactory.GetNormalApplicationInstance (ctxt);} private HttpApplication HttpApplicationFactory.GetNormalApplicationInstance (HttpContext context) {HttpApplication app = null; // attempt has been acquired from the Web application instance cast queue / / ... if (app == null) {// Constructs a new web application instance app = (httpapplication) system.web.httpruntime.createnonpublicInstance (this._theapplicationType); // Initialize the web application instance App.initinternal Context, this._state, this._eventhandlermeth 4;} Return App;} The System.Web.httpApplication.initinternal function here completes the initialization of the application object, including calling httpApplication.initmodules function initialization HTTP module (later will be described in detail) And save the HTTPCONTEXT instance that is incorporated as a parameter to the httpApplication._context field. And this HTTP context object will be used later to get a session object.

The following program code is: public class HttpApplication: ... {private HttpContext _context; private HttpSessionState _session; public HttpSessionState Session {get {HttpSessionState state = null; if (this._session = null!) {State = this._session;} else if (this._context = null!) {state = this._context.Session;} if (state == null) {throw new HttpException (HttpRuntime.FormatResourceString ( "Session_not_available" [img] /images/wink.gif [/ IMG]);}}}}}}}

The way to get a session in the ASP.NET page is also similar, all of which are completed by httpContext.

The following program code is: public class Page: ... {private HttpSessionState _session; private bool _sessionRetrieved; public virtual HttpSessionState Session {get {if (this._sessionRetrieved!) {This._sessionRetrieved = true; try {this._session = this .Context.Session;} catch (exception) {}}} {throw new httpexception (httpruntime.formatResourceString ("session_not_enabled" [img] /images/wink.gif [/ img]);} Return this._session;}}} In httpContext, it is actually saved by a hash table.

The following is the program code: public sealed class httpContext: ... {private hashtable _items; public idictionary items {get {i (this._items == null) {this._items = new hashtable ();} returnims... }} Public httpsessionState session {get {return ((httpsessionState) this.items ["aspsession"]);}}}

What is it coming from HTTPCONTEXT.SESSION? This also needs to go back to the HTTPApplication.initModules function mentioned earlier.

Machine.config under the .NET installation directory config subdirectory defines the global configuration information, and httpApplication is initialized using configuration information in the SYSTEM.WEB section.

The following is program code: httpmodules node specifies the list of modules that HTTPApplication needs to initialize, and the HTTPApplication.initModules function mentioned earlier is officially initialized according to this list.

The following program code is: private void HttpApplication.InitModules () {HttpModulesConfiguration cfgModules = ((HttpModulesConfiguration) HttpContext.GetAppConfig ( "system.web / httpModules" [img] /images/wink.gif [/ img]); if (cfgModules == null) {throw new HttpException (HttpRuntime.FormatResourceString ( "Missing_modules_config" [img] /images/wink.gif [/ img]);} _moduleCollection = cfgModules.CreateModules (); for (int i = 0; i <_moduleCollection .Count; i ) {_moduleCollection [i] .Init (this);} GlobalizationConfig cfgGlobal = ((GlobalizationConfig) HttpContext.GetAppConfig ( "system.web / globalization" [img] /images/wink.gif [/ img]); if (cfgGlobal = null!) {_appLevelCulture = cfgGlobal.Culture; _appLevelUICulture = cfgGlobal.UICulture;}} Session System.Web.SessionState.SessionStateModule node for the object is configured HttpModulesConfiguration.CreateModules method, and calls its initialization Init function .SessionStateModule The class is actually responsible for managing and creation, and the user can create a class that implements the IHTTPMODULE interface, implementing the session control, such as the status synchronization of the support cluster.

The sessionStateModule.init method is primarily responsible for the sessionState configuration in the machine.config file, call the sessionStateModule.initModuleFromConfig method to establish the corresponding session manager.

The following program code is:

SessionState is used, please take the MSDN.

Related introduction and

INFO: ASP.NET State Management overview. Topics about Session Management of Different MODEs We will discuss later and continue to see the establishment of the session.

After reading configuration information from the machine.config file, the initModuleFromConfig method registers several session management event handlers to the HTTPApplication instance, which is responsible for maintaining the session status in the appropriate situation. The following program code is: private void SessionStateModule.InitModuleFromConfig (HttpApplication app, SessionStateSectionHandler.Config config, bool configInit) {// process without the use of Cookie // ... app.AddOnAcquireRequestStateAsync (new BeginEventHandler (this.BeginAcquireState), new EndEventHandler (this.endacquiRestate)); app.releaserequestState = new eventhandler (this.undrasestate); app.endrequest = new eventhandler (this.onendRequest); // creation session manager // ...}

BeginacquiRestate and EndacquiRestate are registered as an asynchronous processor to the httpApplication._acquirerequestStateEventHandleRasync field; OnReleaseState is responsible for cleaning the session status at the right; OneundRequest is a packaging of OnReleaseState, responsible for the more complex request end processing. The HTTPAPLICATION.INITINTERNAL function mentioned earlier, after completing the initialization work, the above event processor will be added to an execution queue, and the application is called by the application, and maximizes processing efficiency. Please refer to

HTTP PIPELINSSCURELY IMPLEMENT Request Processing, Filtering, and Content Redirection with http pipelines in asp.net The Pipeline Event Model Section, I have the opportunity to write a detailed analysis of writing articles.

I know that the call schedule for the session is relatively simple. SessionStateModule.BeginAcquiRestate is called by the HTTPApplication instance at the right time, and after processing the complexity of the various sessions, use the sessionStateModule.CompleteAcquiRestate function to complete the actual session establishment work, The HTTPSessionState object of the package session is added to the HTTPContext's hash table, which is the origin of the HTTPContext.context mentioned earlier. SessionStateModule.onReleaseState removes "ASPSession" to Key's HttpSessionState object from HTTPContext and synchronizes the session manager.

At this point, the session establishment process in ASP.NET is probably analyzed. The next section will further expand the implementation principle and application of various session managers.

To Be Continue ...

转载请注明原文地址:https://www.9cbs.com/read-124467.html

New Post(0)