8

i am trying to make SignalR work using ASP.NET Identity. The code is very simple, where we create a new MVC5 Web Application, enable Google Account External, login with google account and make request to the Hub recognize the user by calling:

Context.User.Identity

Anyway, this is always returning null and it seems the client proxy is not able to send the external cookie.

The only workaround is doing the same steps as stated here:

http://gobbe.net/2013/06/13/use-the-asp-net-membership-in-a-signalr-chat-with-an-asp-net-mvc-4-application/

The workaround works, but I would prefer to use another solution. I also checked https://github.com/gustavo-armenta/CookieAuthenticationSample but this is not using external authentication.

Do you have any other ideas on how the Hub can recognize the external authentication schema of ASP.NET Identity?

Thanks

Improve this question
3
  • "The workaround works, but I would prefer to use another solution" - can you give any concrete reasons for that? What if the next suggestion that someone gives you has exactly the same problems as the workaround you're already aware of? That can be avoided if you give the reasons. Commented Jan 10, 2014 at 15:34
  • Thanks for the feedback. I am trying just to understand if I am missing something or if SignalR just does not support External Authentication using ASP.NET Identity and if so, I would fallback to the workaround. Commented Jan 10, 2014 at 16:00
  • The workaround is very insecure. It wouldn't be difficult for a malicious client to create a valid token for an arbitrary display name. It seems like the author was trying to manually implement some sort of HMAC, but completely failed due to the lack of any sort of secret key. You would be much better off using something like System.Web.Security.MachineKey or System.Security.Cryptography.ProtectedData. Commented Jan 10, 2014 at 23:08

1 Answer 1

Reset to default
12

Ok. After hours of searching I went to jabbr online support and davidfowl helped out. The problem was the ordering of the calls on the Startup class. I had:

        app.MapSignalR();
        ConfigureAuth(app);

instead of:

        ConfigureAuth(app);
        app.MapSignalR();

Thanks David.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.