0

Upgrading from a custom build made around 0.4.0 SignalR I find that authentication no longer works.

I have an RIA Services app with forms authentication (based on stock AuthenticationBase<>) and HttpContext.Current accessed from PersistentConnection's handlers used to carry user identity. In IIS logs I see the identity still passed with RIA requests.

Upgrading to latest SignalR I observe that the identity is not available in either HttpContext or IRequest passed in. From Fiddler logs the request is rejected with 403 and credentials aren't sent.

Setting Connection.Credentials to new NetworkCredentials() doesn't change anything.

Looking at the source code and the wholly inadequate documentation hasn't yielded any insights. If anyone has been able to run authenticated connection from a Silverlight client to ASP.NET hosted PersistentConnection I'd much appreciate any pointers!

PS: I also find it curious that browser's network tracing doesn't show SignalR's traffic anymore, what's going on here?

Eugene Tolmachev
  • 822
  • 4
  • 14
  • 1
    SignalR traffic is sent using Http Client, read this documentation: http://msdn.microsoft.com/en-us/library/dd920295(v=vs.95).aspx – Gustavo Armenta Jun 25 '13 at 16:06
  • One thing that might be biting you is the fact that later versions of SignalR use the Client stack instead of the browser stack. – davidfowl Jun 25 '13 at 16:36
  • That might explain both observations, thanks! Now I just need to figure out how to force it back into using browser request pipeline... – Eugene Tolmachev Jun 25 '13 at 16:46

3 Answers3

0

Are you trying to connect over a domain boundary? There are additional steps that need to be taken in that case- see the "403 forbidden" section of the following page:

http://www.asp.net/signalr/overview/troubleshooting-and-debugging/troubleshooting

Patrick Fletcher
  • 274
  • 1
  • 3
0

AuthorizeRequest method is invoked twice. First time your request is not sending auth headers and AuthorizeRequest should return false, then internally SignalR stack produces a http response with 401 Unauthorized. Then, a second request is created this time sending auth headers and you should see the username in IRequest.User.Identity.Name

Gustavo Armenta
  • 1,525
  • 12
  • 14
0

An easy solution is to change SignalR/src/Microsoft.AspNet.SignalR.Client/Http/HttpHelper.cs line number 150 to

request = (HttpWebRequest)System.Net.Browser.WebRequestCreator.BrowserHttp.Create(new Uri(url));

instead of

request = (HttpWebRequest)System.Net.Browser.WebRequestCreator.ClientHttp.Create(new Uri(url));

which will force signalR to use browser-stack instead of client-stack when the connected client is silverlight.

Sunil Munikar
  • 25
  • 2
  • 6
  • I actually tried that. It kinda worked. In the end I ended up going back to the old version because there were too many differences and I didn't have time nor wish to address them. – Eugene Tolmachev Jun 28 '13 at 15:17