Last post Aug 09, 2014 06:41 AM by tec-goblin
May 10, 2014 02:37 PM|tec-goblin|LINK
I want to build a SignalR application accessible by both an ASP.NET webpage (of my control) and a WinRT application (also of my control). I am trying to determine the simplest (yet secure) way to provide authentication. I would like this to be as seamless
My WinRT clients will of course have a microsoft account. I would like them to be able to connect as seamlessly as possible to SignalR. Ideally, a scenario of some kind of windows-like authentication with the Microsoft Account they use on their PC would
be the best.
For the website users, any type of a one-shot registration and a login process is acceptrable.
I know it would have been simpler had I used Azure Mobile Services, but I have other reasons to stick with ASP.NET.
I understand that I'll be able to perform an OAuth authentication like this:
http://leoncullens.nl/post/2012/09/26/Using-OAuth-2-in-WinRT-using-Csharp-it-has-never-been-easier-before.aspx (but with Microsoft account instead of Google account)
I am not sure if this approach will give me a cookie I will be able to use with:
Am I moving towards the correct direction?
(Update: I managed to set up logging in with microsoft accounts in my web site, but I still don't see how to initiate this through my application. I should probably ask in the security forum)
May 10, 2014 11:24 PM|rstrahl|LINK
This document mentions the following code:
When using Windows authentication, you can pass the current user's credentials by using the DefaultCredentialsproperty. You set the credentials for the
connection to the value of the DefaultCredentials.
static void Main(string args)
var connection = new HubConnection("http://www.contoso.com/");
connection.Credentials = CredentialCache.DefaultCredentials;
Not sure how the WinRT handlers this but I suspect there should be a similar facility to pass the DefaultCredentials.
+++ Rick ---
May 20, 2014 11:10 AM|tec-goblin|LINK
I've read this document, but, for the DefaultCredentials to pass, this means I am using Organisation Accounts for my application, as far as I understand it and that I have activated Azure Active Directory. This option doesn't even exist if I'm using the
What I am proposing is using Microsoft Account OAuth (which should be very similar to facebook OAuth).
Aug 09, 2014 06:41 AM|tec-goblin|LINK
I posted a way to perform a workaround (with LiveSDK)