MyException - 我的异常网
当前位置:我的异常网» Java Web开发 » 保存已登陆用户的个人信息用什么最好?该如何处理

保存已登陆用户的个人信息用什么最好?该如何处理

www.MyException.Cn  网友分享于:2015-08-27  浏览:159次
保存已登陆用户的个人信息用什么最好?
保存已登陆用户的信息的时候用什么保存最好?是Cookic还是Session,用Session的话只要浏览器一关就需要重新登陆,那样的效果不太好,我希望在一定的时间内都不需要再登陆。但用Cookic的话那些信息都在客户端好象不太安全,有什么好的办法?要是说Cookic加密的话请详细讲下,现在还没怎么接触过加密技术。谢谢了...

------解决方案--------------------
那就看是做什么了。
网站用cookie,系统用session。
加密是算法问题,网上有很多。
------解决方案--------------------
session和Cookie配合使用,比较好的选择,Session建议存一些必要属性,这样做会非常方便,而且不会用太多空间,而且挺安全, 如果服务器关闭,就把session中的信息保存到Cookie,这里可以考虑下加密。下次请求时,又利用Cookie重建Session。。。
考虑到客户端的Cookie可能被禁用,可以加上URL回写的方式,以保证可靠性。。。
其实这上比较严密系统,一般小系统里边,建议用session很OK,性有不是问题。。
------解决方案--------------------
C# code


using System;
using System.Diagnostics;
using System.Security.Cryptography;
using System.Text;
using System.IO;
using System.Web;

namespace Press
{
    public class CryptoUtil
    {
        
        public static byte[] KEY_64 = { 42, 16, 93, 56, 78, 4, 218, 223 };
        public static byte[] IV_64 = { 55, 103, 46, 79, 36, 89, 167, 3 };

        private static byte[] KEY_192 = { 42, 16, 93, 156, 78, 4, 218, 32, 15, 167, 44, 80, 26, 250, 155, 112, 2, 94, 11, 204, 119, 35, 184, 197 };
        private static byte[] IV_192 = { 55, 103, 246, 79, 36, 99, 167, 3, 42, 5, 62, 83, 184, 7, 209, 13, 145, 23, 200, 58, 173, 10, 121, 222 };

        //标准的DES加密
        public static string Encrypt(string value1)
        {
            if (value1 != "")
            {
                
                DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
                MemoryStream ms = new MemoryStream();
                CryptoStream cs = new CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), CryptoStreamMode.Write);
                StreamWriter sw = new StreamWriter(cs);
                sw.Write(value1);
                sw.Flush();
                cs.FlushFinalBlock();
                ms.Flush();
                return Convert.ToBase64String(ms.GetBuffer(), 0, (int)ms.Length);
            }
            return "";
        }

        //标准的DES解密
        public static string Decrypt(string value1)
        {
            if (value1 != "")
            {
                DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
                byte[] buffer = Convert.FromBase64String(value1);
                MemoryStream ms = new MemoryStream(buffer);
                CryptoStream cs = new CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_64, IV_64), CryptoStreamMode.Read);
                StreamReader sr = new StreamReader(cs);
                return sr.ReadToEnd();
            }
            return "";
        }
    }

    public class CookieUtil
    {
        public const string COOKIENULL = null;

        public static void SetEncryptedCookie(string key, string val)
        {
            key = CryptoUtil.Encrypt(key);
            val = CryptoUtil.Encrypt(val);
            SetCookie(key, val);
        }
        public static void SetEncryptedCookie(string key, string val, DateTime expires)
        {
            key = CryptoUtil.Encrypt(key);
            val = CryptoUtil.Encrypt(val);
            SetCookie(key, val, expires);
        }
        public static void SetEncryptedCookie(string key, string val, int DayNum)
        {
            key = CryptoUtil.Encrypt(key);
            val = CryptoUtil.Encrypt(val);
            DateTime expires = DateTime.Now.AddDays(DayNum);
            SetCookie(key, val, expires);
        }
        #region///SetCookie
        private static void SetCookie(string key, string val)
        {
            key = HttpContext.Current.Server.UrlEncode(key);
            val = HttpContext.Current.Server.UrlEncode(val);
            HttpCookie cookie = new HttpCookie(key, val);
            SetCookie(cookie);
        }
        private static void SetCookie(string key, string val, DateTime expires)
        {
            key = HttpContext.Current.Server.UrlEncode(key);
            val = HttpContext.Current.Server.UrlEncode(val);
            HttpCookie cookie = new HttpCookie(key, val);
            cookie.Expires = expires;
            SetCookie(cookie);
        }
        private static void SetCookie(HttpCookie cookie)
        {
            HttpContext.Current.Response.Cookies.Set(cookie);
        }
        #endregion
        public static string GetEncryptedCookieValue(string key)
        {
            key = CryptoUtil.Encrypt(key);
            string val = GetCookieValue(key);
            if (val == COOKIENULL)
                return COOKIENULL;
            val = CryptoUtil.Decrypt(val);
            return val;
        }
        #region///GetCookie
        private static HttpCookie GetCookie(string key)
        {
            key = HttpContext.Current.Server.UrlEncode(key);
            return HttpContext.Current.Request.Cookies.Get(key);
        }
        private static string GetCookieValue(string key)
        {
            try
            {
                string val = GetCookie(key).Value;
                val = HttpContext.Current.Server.UrlDecode(val);
                return val;
            }
            catch
            {
                return COOKIENULL;
            }
        }
        #endregion
    }


}

文章评论

软件开发程序错误异常ExceptionCopyright © 2009-2015 MyException 版权所有