Solved

Are there any known issues with using the ASP.net SessionId embedded in the HubCallerContext RequestCookies in SignalR 2.x?

Posted on 2014-03-18
1
473 Views
Last Modified: 2014-03-31
Hi All!


I've got a question regarding use of data found within the HubCallerContext.

I notice there's a collection of RequestCookies that hang off of the context.
They contain the following:
    [0]: {[culture, Microsoft.AspNet.SignalR.Cookie]}
    [1]: {[__RequestVerificationToken_L0VDSQ2, Microsoft.AspNet.SignalR.Cookie]}
    [2]: {[ASP.NET_SessionId, Microsoft.AspNet.SignalR.Cookie]}
    [3]: {[XxxAuth, Microsoft.AspNet.SignalR.Cookie]}


In our previous implementation of SignalR, we leveraged the SessionId which hung
off of the HttpContext Session. Since use of the Session is no longer supported
in SignalR 2.x, we were forced to look for an alternative.

In doing so, we noticed "ASP.NET_SessionId" in the RequestCookies.
Does anyone know of any issues or restrictions with using it?
Is this a safe option to utilize?


Thoughts?

Thanks,
JohnB
0
Comment
Question by:jxbma
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 1

Accepted Solution

by:
jxbma earned 0 total points
ID: 39966674
Since I've received absolutely no attention on this one, I'll leave feedback as to what I've found so far.

We've gone ahead and used the SessionId from the Cookie since that's what is available to us. Up to this point we've seen no issues with this approach.

It remains to be seen whether we'll be continue to support this approach with future releases of SignalR
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question