An unexpected behavior of Authorize attribute in SignalR hub, Windows Authentication

做~自己de王妃 提交于 2019-12-12 02:03:49

问题


I'm having a very strange problem with SignalR and I do not know what to do with it.

I made a simple SignalR application from tutorial (http://www.asp.net/signalr/overview/signalr-20/getting-started-with-signalr-20/tutorial-getting-started-with-signalr-20) in VB.NET, the only thing I changed was that I added <Authorize()> attribute to the Hub class, and made the Send message method grab user name from context.

We have development server (Windows Server 2008 R2, IIS7, .NET 4.5.1.). In the development server, in IIS and application settings I enabled Windows Authentication and ASP.NET impersonation. The application works just as expected.

Now, when I deploy this simple application to our production server, the application simply does not work. OS and .NET versions are the same, and I asked our admins to configure IIS and application settings in exactly the same way as in development. When I open index.html in Chrome, I see ERR_INVALID_AUTH_CREDENTIALS in JS console, and FF Firebug gives 401 Unauthorized error. Of course, the hub methods do not work.

If I remove <Authorize()> attribute from Hub and recompile the application, it works in both dev and prod, but in this case user name is empty in the Context. So, the problem is definitely somewhere in the Authorization or authentication.

we have some other application in production server which are using Windows Authentication as well, but we never had any problem with them.

Which settings of the server/IIS may cause such a problem?


回答1:


I am not sure if we had the exact same issue, but I think other folk might find your problem on SO while looking for solutions to the problem I had.

My problem was the [Authorize] attribute worked fine in my MVC controllers, but the attribute of the same name, different namespace, didn't work in my hubs. I kept seeing Context.User being null, and 401 unauthorized messages being received by clients trying to connect to my hub.

I looked for several hours over a week to try and figure out what was causing my problem, and I finally figured it out.

[assembly: OwinStartup(typeof(Startup))]

namespace Your.Namespace
{
    public partial class Startup
    {
        public void Configuration(IAppBuilder app)
        {  
            ConfigureAuth(app);
            ConfigureSignalR(app);
        }
    }
}

Its obvious to me now that you should ConfigureAuth before ConfigureSignalR, but in the getting started guides it is not explicit enough. I had them the wrong way around.

Hope this helps someone!



来源:https://stackoverflow.com/questions/25789873/an-unexpected-behavior-of-authorize-attribute-in-signalr-hub-windows-authentica

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!