在OWIN托管的SignalR实现中接受ASP.NET Forms身份验证Cookie吗? [英] Accepting ASP.NET Forms Authentication cookies in an OWIN-hosted SignalR implementation?
问题描述
我有一个使用OWIN的自托管SignalR实例.我想实施授权.我的用户已经使用表单身份验证登录到ASP.NET MVC应用程序.
I've got an self-hosted SignalR instance, using OWIN. I'd like to implement authorization. My users will already have logged into an ASP.NET MVC application, using Forms Authentication.
由于两个应用程序可以在同一URL上使用,因此cookie将在两者之间共享.如何在自托管的SignalR应用程序中接受Forms Authentication cookie?
Since the two applications will be available at the same URL, the cookies will be shared between the two. How do I accept a Forms Authentication cookie in a self-hosted SignalR application?
说明:我说的是一个浏览器,它使用用于登录单独的IIS(但相关且安装在同一主机上)IIS应用程序的凭据来访问自托管的SignalR集线器.
Clarification: I'm talking about a browser accessing a self-hosted SignalR hub using the same credentials that were used to log into a separate (but related, and installed on the same host) IIS application.
所以,问题是:如何调用SignalR服务器管道来捕获.ASPXAUTH
cookie,并在调用集线器之前使用它来设置当前主体?
So, the question is: how do I hook into the SignalR server pipeline to capture the .ASPXAUTH
cookie and use it to set the current principal before calling the hub?
如果有帮助,我可以加入一些南希.
If it helps, I can throw some Nancy into the mix.
推荐答案
如果您的用户已经通过身份验证并登录,则可以在SignalR集线器中检查以下内容:
If your user is already authenticated and logged in, you can check the following within your SignalR hub:
Context.User.Identity.IsAuthenticated
确保将此属性设置为true.您可以将此检查放在集线器的构造函数中,以阻止/删除它们的连接.如果为false,则可以将它们重定向到另一个页面.
Assure this property is set to true. You can place this check within the constructor of your hub to block/remove their connection. If false, you can redirect them to another page.
这篇关于在OWIN托管的SignalR实现中接受ASP.NET Forms身份验证Cookie吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!