SignalR cross-domain connections with self-hosting and authentication

后端 未结 2 1372
旧时难觅i
旧时难觅i 2021-02-05 14:58

I have a CORS problem when self-hosting SignalR with OWIN, which only happens when I try to enable authentication.

The error I get in my web browser is:

相关标签:
2条回答
  • 2021-02-05 15:16

    I presume you're using Chrome, which very unhelpfully tells you that these headers are missing and that this is the problem, when actually you have probably just forgot to set your XMLHttpRequest's withCredentials property to true.

    If you're using jQuery you can do this for all requests with:

    $.ajaxPrefilter(function (options, originalOptions, jqXHR) {
      options.xhrFields = { withCredentials: true };
    });
    

    You also need to do the right thing with OPTIONS requests as in the other answer.

    0 讨论(0)
  • 2021-02-05 15:23

    I have gotten NTLM authentication to work with cross domain signalR self-hosted in OWIN by allowing the preflight requests anonymous access.

    What one needs to do is create a delegate for choosing the authentication scheme which looks for the preflight request headers, and allows these through anonymously. All other requests will use NTLM.

    public void Configuration(IAppBuilder appBuilder)
    {
        var listener = (HttpListener)appBuilder.Properties[typeof(HttpListener).FullName];
        listener.AuthenticationSchemeSelectorDelegate += AuthenticationSchemeSelectorDelegate;
    }
    
    private AuthenticationSchemes AuthenticationSchemeSelectorDelegate(HttpListenerRequest httpRequest)
    {
        if (httpRequest.Headers.Get("Access-Control-Request-Method")!=null) 
            return AuthenticationSchemes.Anonymous;
        else 
            return AuthenticationSchemes.Ntlm;
    }
    
    0 讨论(0)
提交回复
热议问题