There is a lot of information on how to do forms authentication or Windows authentication using SignalR. I am interested in using my own authentication database. I use the .NET client because the connecting agent is a service, not a web browser with the person behind it. I would ideally want my client code to use:
hubConnection.Credentials = new NetworkCredential(userName, password);
And my server code is to use [Authorize] in hubs and have access to Context.User. All messages exceed https, so I don't need plain text.
I read the asp.net basic validation guide which shows how to override the authentication mechanism using IHttpModule. However, the Authorization header never appears in requests coming from the .NET SignalR client when I interrupt the code in the HttpModule.
All I want to do is trivially pass the username and password from the client and indicate how authentication on the server occurs. Is it that hard? No magic. No Active Directory. Just authentication with me.
My current, working approach is to set custom headers that are interpreted at the SignalR level (using the AuthorizeAttribute user attribute), however, apparently, the βright way to do thisβ is to not authenticate at the authorization level and instead the web server does this is before any SignalR event occurs.
Can anyone describe a good procedure for a complete but simple, simple authentication?
Robin source share