具有客户端证书认证的SignalR [英] SignalR with Client Certificate Authentication
问题描述
我在IIS上托管了服务,该服务使用SignalR与客户端建立持久连接.
I have service hosted on IIS that uses SignalR to establish a persistent connection with a client.
我正在尝试实现客户端证书身份验证,以便服务器可以根据其发送的证书来验证客户端是有效客户端.我正在使用Signalr的PersistentConnection.
I am attempting to implement client certificate authentication so that the server can verify that the client is a valid client based on the certificate they send. I am using Signalr's PersistentConnection.
客户:我创建一个Connection对象,并创建一个X.509证书,该证书通过以下方式添加到连接中:
Client: I create a Connection object, and i create a X.509 certificate which i add to the connection through:
var connection = new Connection("localhost:8060/TheService/connect");
connection.AddClientCertificate(certificate);
connection.Start().Wait();
当客户端尝试连接时,我想验证其提供的证书是有效的证书.因此,在服务器端,我重写了SignalR的PersistentConnection中的AuthorizeRequest()方法:
When the client attempts to connect, I want to verify that the certificate that it provides is a valid certificate. So on the server side I override the AuthorizeRequest() method in SignalR's PersistentConnection:
public class MyConnection : PersistentConnection
{
protected override Task OnReceived(IRequest request, string connectionId, string data)
{
return Connection.Broadcast("Server Received: " + data);
}
protected override bool AuthorizeRequest(IRequest request)
{
INameValueCollection headers = request.Headers;
foreach (KeyValuePair<string, string> entry in headers)
{
Console.WriteLine("Key: {0}, Value: {1}", entry.Key, entry.Value);
Console.WriteLine("");
}
return true;
}
}
我的问题是:如何在AuthorizeRequest方法中检索客户端证书?我需要SignalR以某种方式获得对证书的访问权限,以便我可以对其进行验证,然后再返回false(错误证书)或返回true(有效证书).
My question is: how do I retrieve the client certificate in the AuthorizeRequest method? I need SignalR to somehow gain access to the certificate so that I can verify it AuthorizeRequest and then either return false (bad cert), or return true (valid cert).
谢谢!
推荐答案
您应该能够从以参数形式获取的请求中获取证书. HttpClientCertificate cert = request.GetHttpContext().Request.ClientCertificate;
You should be able to get the certificate from the request you get as parameter.
HttpClientCertificate cert = request.GetHttpContext().Request.ClientCertificate;
这篇关于具有客户端证书认证的SignalR的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!