问题描述

最近，我们将网络应用程序从3.5升级到.Net framework 4.0。 最近我们发现一些用户能够看到其他用户的会话数据。当他们使用凭据登录时，他们会看到其他用户的会话数据。我们使用
ASP会员资格&认证/授权的角色提供者;在ASP 状态数据库中存储会话;表格认证; Web场环境。

Recently we upgraded our web applications to .Net framework 4.0 from 3.5.  Of late we are finding that some users are able to see other users' session data. When they login with their credentials, they see other users session data. We use ASP Membership & Role providers for authentication/authorization; store session in ASP State database; forms authentication; web farm environment.

在升级到.net 4.0之前，我们没有遇到此问题。从我们的错误日志文件中我们可以看到与ASP状态数据库的连接失败，说它已达到最大池大小。下面是一个示例错误消息

We did not have this problem until we upgraded to .net 4.0. From our error log files we were able to see that the connection to ASP State database was failing saying that it had reached the max pool size. Below is a sample error message

[IsAuthenticated： - True] [Stack： - System.InvalidOperationException：Timeout expired。 从池中获取连接之前经过的超时时间。 这可能是因为所有池化连接都在使用中，并且达到了最大池
大小。

  在System.Data.ProviderBase.DbConnectionFactory.GetConnection（DbConnection owningConnection）

  在System.Data.ProviderBase.DbConnectionClosed.OpenConnection（DbConnection outerConnection，DbConnectionFactory connectionFactory）

  在System.Data.SqlClient.SqlConnection.Open（）

  在System.Web.SessionState.SqlSessionStateStore.SqlStateConnection..ctor（SqlPartitionInfo sqlPartitionInfo，TimeSpan retryInterval）]

您认为增加最大池大小将解决这个问题？我们现在有150.下面是我们自定义会话对象创建的示例。恢复。请告诉我们如何解决此问题？非常感谢您的投入。

Do you think increasing the Max Pool Size will resolve this issue? We now have it at 150. Below is a sample from our custom session object creation & retrieval. Please let us know how to resolve this issue? Your inputs are greatly appreciated.

谢谢，

Vinny

Public Class StudentDataSessionFactory

    Public Function createInstance(ByVal username As String, ByVal studentId As String, ByVal companyNo As String, ByVal userRoles As String()) As StudentDataSession

 Dim studData As New StudentDataSession(username,  studentId, companyNo, userRoles)
        Return studData
    End Function

End Class

Public Class StudentDataSessionManager
    Public Shared SessionStudentDataKey As String = "XXX_SessionStudentData"

    Shared studentDataFactory As New StudentDataSessionFactory

'setting up of session object with custom data
 Public Shared Sub SetStudentData(ByVal session As HttpSessionState, ByVal studentData As StudentDataSession)
        session.Add(SessionStudentDataKey, studentData)
  End Sub

'Retrieving the customized session object for the current session
 Public Shared Function GetStudentData(ByVal session As HttpSessionState) As StudentDataSession
        Return CType(session.Item(SessionStudentDataKey), StudentDataSession)
    End Function

'Initializing customized session object
    Public Shared Function InitUserData(ByVal session As HttpSessionState, ByVal username As String, ByVal studId As String, ByVal compId As String, ByVal userRoles As String()) As StudentDataSession
        Dim studentData As StudentDataSession = GetStudentData(session)

        If studentData Is Nothing Then
            studentData = studentDataFactory.createInstance(username, studId, compId, userRoles)
            SetStudentData(session, studentData)
            studentData = RefreshUserData(session)
        End If
        Return studentData
    End Function

推荐答案

这篇关于会话在ASP.Net 4.0 Web表单中混淆的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！