Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Are there any known issues with using the ASP.net SessionId embedded in the HubCallerContext RequestCookies in SignalR 2.x?

Posted on 2014-03-18
1
Medium Priority
?
492 Views
Last Modified: 2014-03-31
Hi All!


I've got a question regarding use of data found within the HubCallerContext.

I notice there's a collection of RequestCookies that hang off of the context.
They contain the following:
    [0]: {[culture, Microsoft.AspNet.SignalR.Cookie]}
    [1]: {[__RequestVerificationToken_L0VDSQ2, Microsoft.AspNet.SignalR.Cookie]}
    [2]: {[ASP.NET_SessionId, Microsoft.AspNet.SignalR.Cookie]}
    [3]: {[XxxAuth, Microsoft.AspNet.SignalR.Cookie]}


In our previous implementation of SignalR, we leveraged the SessionId which hung
off of the HttpContext Session. Since use of the Session is no longer supported
in SignalR 2.x, we were forced to look for an alternative.

In doing so, we noticed "ASP.NET_SessionId" in the RequestCookies.
Does anyone know of any issues or restrictions with using it?
Is this a safe option to utilize?


Thoughts?

Thanks,
JohnB
0
Comment
Question by:jxbma
1 Comment
 
LVL 1

Accepted Solution

by:
jxbma earned 0 total points
ID: 39966674
Since I've received absolutely no attention on this one, I'll leave feedback as to what I've found so far.

We've gone ahead and used the SessionId from the Cookie since that's what is available to us. Up to this point we've seen no issues with this approach.

It remains to be seen whether we'll be continue to support this approach with future releases of SignalR
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
In real business world data are crucial and sometimes data are shared among different information systems. Hence, an agreeable file transfer protocol need to be established.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question