SignalR
Upcoming SlideShare
Loading in...5
×
 

SignalR

on

  • 1,253 views

 

Statistics

Views

Total Views
1,253
Views on SlideShare
1,253
Embed Views
0

Actions

Likes
0
Downloads
18
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

SignalR SignalR Presentation Transcript

  • SignalR Slawomir Dorzak @sdorzak
  • What I’ll be talking about ● Scaling out your SignalR application ● Securing your endpoints ● Cross domain calls ● Things to watch out for ● Alternatives to SignalR
  • Scaling out your SignlaR app ● Why is it important? ○ Cloud deployments usually require more than 2 instances ○ You will need to scale out some day, so better know your options ● Challenges ○ SignlaR needs to be aware of all connections, it needs some way of sharing data between multiple servers ○ All servers in the pool need to be notified when client sends a message, connects or disconnects ○ Message patterns may vary quite a lot between applications
  • Built-in scale-out support ● SignalR backplane ○ Azure ServiceBus ■ No setup needed ■ Reliability provided by ServiceBus ○ SQL Server ■ Database needs to be created upfront ■ Familiar to most developers ○ Redis ■ Install your own or use one of the "as a service" options ■ Fast - in-memory store ○ NServiceBus ■ 3rd party alternative to Azure ServiceBus
  • DIY Scale-out ○ One "beefy" server ■ you can tweak it for great performance ■ you need to think about failover strategy ■ need to be aware of the scale-up ceiling ○ Context specific ■ great performance ■ can distribute the load more evenly ■ distribution strategy needs to be thought through
  • When to use which? ● For most cases - start with built-in backplane of choice ● If you're expecting high volumes of messages eg. realtime gaming consider DIY approach ● See this great talk on the subject: ○ "Scaling the Real-time Web with ASP.NET SignalR" http://channel9.msdn.com/Events/Build/2013/3-502
  • Demo
  • Securing your endpoints ● SignalR doesn't provide any authentication features ● Use your existing authentication eg. Forms ● Use Authorize attribute to control access to the hub or hub methods ● Do not display connectionId to the clients as it is used in identity verification mechanism
  • Securing your endpoints ● Never blindly trust the client as it can be hijacked or spoofed ● Don't assume client is always the browser ● Communication over ws:// is unencrypted - use wss:// instead! ● validate origin of your clients ● encode input that you broadcast to other clients
  • Cross domain calls ● on the client SignalR automatically detects cross domain URL ● it will use XHR by default with fallback to jsonp ● on the server you need to explicitly allow cross domain connections RouteTable.Routes.MapHubs( new HubConfiguration(){ EnableCrossDomain = true });
  • Things to watch out for ● You need one of the supported OS-es (>Windows Server 2008R2 or > Windows 7) ● You need .NET Framework > 4.0 ● IIS7 or 7.5 needs URL Extensions module, IIS8 has builtin support ● On the client you need jQuery 1.6.4+ ● For websockets transport you need the latest browser ● Complicated stack ● DPI ● Don’t put blocking calls in your hub methods
  • SignalR alternatives ● Socket.IO + NodeJS ○ You can run it on Azure (yes it does run NodeJS :) ○ It's mature and widely used ○ It's not as integrated into .NET environment as SignalR ● SuperWebSocket ○ Multiple hosting options (windows service, console app, web app) ○ Supported on Mono ○ Lower level ● Since .NET 4.5 WCF supports Websockets as transport
  • Resources ● Low level protocol introduction http://lucumr.pocoo. org/2012/9/24/websockets-101/ ● Excellent paper on websockets security http://www. adambarth.com/papers/2011/huang-chen-barth-rescorla-jackson.pdf ● Free SignalR ebook http://eduardopires.net.br/Repositorio/SignalR_eBook.pdf ● SignalR Github account https://github.com/SignalR/Samples