在OWIN托管的SignalR实现中接受ASP.NET Forms身份验证Cookie吗? [英] Accepting ASP.NET Forms Authentication cookies in an OWIN-hosted SignalR implementation?

问题描述

我有一个使用OWIN的自托管SignalR实例.我想实施授权.我的用户已经使用表单身份验证登录到ASP.NET MVC应用程序.

I've got an self-hosted SignalR instance, using OWIN. I'd like to implement authorization. My users will already have logged into an ASP.NET MVC application, using Forms Authentication.

由于两个应用程序可以在同一URL上使用，因此cookie将在两者之间共享.如何在自托管的SignalR应用程序中接受Forms Authentication cookie?

Since the two applications will be available at the same URL, the cookies will be shared between the two. How do I accept a Forms Authentication cookie in a self-hosted SignalR application?

说明:我说的是一个浏览器，它使用用于登录单独的IIS(但相关且安装在同一主机上)IIS应用程序的凭据来访问自托管的SignalR集线器.

Clarification: I'm talking about a browser accessing a self-hosted SignalR hub using the same credentials that were used to log into a separate (but related, and installed on the same host) IIS application.

所以，问题是:如何调用SignalR服务器管道来捕获.ASPXAUTH cookie，并在调用集线器之前使用它来设置当前主体?

So, the question is: how do I hook into the SignalR server pipeline to capture the .ASPXAUTH cookie and use it to set the current principal before calling the hub?

如果有帮助，我可以加入一些南希.

If it helps, I can throw some Nancy into the mix.

推荐答案

如果您的用户已经通过身份验证并登录，则可以在SignalR集线器中检查以下内容:

If your user is already authenticated and logged in, you can check the following within your SignalR hub:

Context.User.Identity.IsAuthenticated

确保将此属性设置为true.您可以将此检查放在集线器的构造函数中，以阻止/删除它们的连接.如果为false，则可以将它们重定向到另一个页面.

Assure this property is set to true. You can place this check within the constructor of your hub to block/remove their connection. If false, you can redirect them to another page.

这篇关于在OWIN托管的SignalR实现中接受ASP.NET Forms身份验证Cookie吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！