Accepting ASP.NET Forms Authentication cookies in an OWIN-hosted SignalR implementation?

6
votes

I've got an self-hosted SignalR instance, using OWIN. I'd like to implement authorization. My users will already have logged into an ASP.NET MVC application, using Forms Authentication.

Since the two applications will be available at the same URL, the cookies will be shared between the two. How do I accept a Forms Authentication cookie in a self-hosted SignalR application?

Clarification: I'm talking about a browser accessing a self-hosted SignalR hub using the same credentials that were used to log into a separate (but related, and installed on the same host) IIS application.

So, the question is: how do I hook into the SignalR server pipeline to capture the .ASPXAUTH cookie and use it to set the current principal before calling the hub?

If it helps, I can throw some Nancy into the mix.

1
forms-authenticationsignalrowin
Did you ever find a solution to your issue. I'm attempting the same (though my MVC app and my self-hosted SignalR service are on different ports).Lance Held

1 Answers

0
votes

If your user is already authenticated and logged in, you can check the following within your SignalR hub:

Context.User.Identity.IsAuthenticated

Assure this property is set to true. You can place this check within the constructor of your hub to block/remove their connection. If false, you can redirect them to another page.