passing userId in Hub of SignalR

允我心安 提交于 2021-02-08 11:15:42

问题


Greeting..!, I am making a asp.net chat webApplication using SignalR were I want to keep track of every user and store there actions is database. I use userId to keep track of them. My problem is that I don't want to pass confidential data(like userId) from client form to signalR hub.And I know SignalR hub class does not support sessions. so how can I do that.

I am new to signalR and I googled a lot about this problem but couldn't find any simple answer.


回答1:


SignalR supports different ways to authenticate and authorize users:

  • Cookie
  • Windows authentication
  • Certificate
  • Connection header

You can find more information about SignalR and security here:

http://www.asp.net/signalr/overview/signalr-20/security/introduction-to-security

Keep in mind that even though some info might be transferred, there is often an abstraction that does not really let someone map a user to a token or vice versa on anything else than the server.

Authentication and authorization is only a small part of security which goes further by using SSL and to carefully think what you transmit as you already said., etc.

But on some point you need a link between relevant information on your server side application and the caller. This might be a session identified by the cookie after a classic forms based authentication, an hash based header or whatever you want to create. SignalR is flexible so you could think about something like authentication against a different system and pass only a delegation token.




回答2:


You have different ways to map your userId and the connectionId. Take a look at this tutorial on asp.net



来源:https://stackoverflow.com/questions/23981580/passing-userid-in-hub-of-signalr

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!