在授权2.0 SignalR [英] Authorization in SignalR 2.0
问题描述
我有一个窗体身份验证和承载SignalR集线器的另一台服务器的Web服务器。使用窗体身份验证cookie我想提取使用下面的code当前用户。这将使用HTTP模块是可能的,但使用SignalR时不能使用一个HTTP模块。
I have a Web server with forms authentication and another server that hosts the SignalR Hubs. Using the forms authentication cookie I want to extract the current user using the code below. This would be possible using a HttpModule, but when using SignalR a HttpModule cannot be used.
是否有任何其他方式来归档什么,我想做什么?
Is there any other way to archive what I want to do?
public class AuthorizationHubModule : HubPipelineModule
{
public AuthorizationHubModule()
{
}
protected override bool OnBeforeConnect(IHub hub)
{
var cookies = hub.Context.Request.Cookies;
if (cookies.ContainsKey(".ASPXAUTH") == true)
{
// Get the user, populate the Thread.CurrentUser...
Cookie cookie = cookies[".ASPXAUTH"];
if (cookie != null)
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
GenericIdentity identity = new GenericIdentity(ticket.Name);
GenericPrincipal principal = new GenericPrincipal(identity, new string[0]);
// Cannot do this because User is readonly (this is possible in a normal HttpModule)
//hub.Context.User = principal;
}
}
return base.OnBeforeConnect(hub);
}
}
我们之后,事情是设置与SignalR相关的IPrincipal。
The thing we are after, is to set the IPrincipal associated with SignalR.
推荐答案
原来,信号-R不能修改相关的IPrincipal因为SignalR没有设想做认证,但它可以从应用程序的认证范围内。所以这样做,因为@Shashank指出的正确方法,是用表格或任何你在你的应用程序中使用,并SignalR会从它那里得到这样的背景下。
Turns out that Signal-R cannot modify the associated IPrincipal because SignalR is not conceived to do authentication, but it gets the authentication context from the application. So the right way of doing this, as @Shashank has pointed out, is to use Forms or whatever you use in your application, and SignalR will get this context from it.
这篇关于在授权2.0 SignalR的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!