O'Reilly logo

SignalR - Real-time Application Development - Second Edition by Einar Ingebrigtsen

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Securing the hub

Since, by default, we have everything locked down, the hub is also protected. This means that going directly to the URL won't get you there. However, we will be explicitly securing the hub. SignalR comes with an attribute called Authorize, similar to the one you find in ASP.NET MVC and so on. There are other mechanisms for securing hubs, but we won't go into that in this book. To enforce that users need to be logged in, we can use the Authorize() attribute:

  • The Authorize() attribute can be used for both hubs and methods on a hub. It has a couple of options that can be passed to it, such as users and roles holding comma delimited required users and/or roles. However, it also has a property called RequireOutgoing that tells SignalR ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required