Your SlideShare is downloading. ×
  • Like
SignalR
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

SignalR

  • 930 views
Published

 

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
930
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
23
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. SignalR Slawomir Dorzak @sdorzak
  • 2. What I’ll be talking about ● Scaling out your SignalR application ● Securing your endpoints ● Cross domain calls ● Things to watch out for ● Alternatives to SignalR
  • 3. Scaling out your SignlaR app ● Why is it important? ○ Cloud deployments usually require more than 2 instances ○ You will need to scale out some day, so better know your options ● Challenges ○ SignlaR needs to be aware of all connections, it needs some way of sharing data between multiple servers ○ All servers in the pool need to be notified when client sends a message, connects or disconnects ○ Message patterns may vary quite a lot between applications
  • 4. Built-in scale-out support ● SignalR backplane ○ Azure ServiceBus ■ No setup needed ■ Reliability provided by ServiceBus ○ SQL Server ■ Database needs to be created upfront ■ Familiar to most developers ○ Redis ■ Install your own or use one of the "as a service" options ■ Fast - in-memory store ○ NServiceBus ■ 3rd party alternative to Azure ServiceBus
  • 5. DIY Scale-out ○ One "beefy" server ■ you can tweak it for great performance ■ you need to think about failover strategy ■ need to be aware of the scale-up ceiling ○ Context specific ■ great performance ■ can distribute the load more evenly ■ distribution strategy needs to be thought through
  • 6. When to use which? ● For most cases - start with built-in backplane of choice ● If you're expecting high volumes of messages eg. realtime gaming consider DIY approach ● See this great talk on the subject: ○ "Scaling the Real-time Web with ASP.NET SignalR" http://channel9.msdn.com/Events/Build/2013/3-502
  • 7. Demo
  • 8. Securing your endpoints ● SignalR doesn't provide any authentication features ● Use your existing authentication eg. Forms ● Use Authorize attribute to control access to the hub or hub methods ● Do not display connectionId to the clients as it is used in identity verification mechanism
  • 9. Securing your endpoints ● Never blindly trust the client as it can be hijacked or spoofed ● Don't assume client is always the browser ● Communication over ws:// is unencrypted - use wss:// instead! ● validate origin of your clients ● encode input that you broadcast to other clients
  • 10. Cross domain calls ● on the client SignalR automatically detects cross domain URL ● it will use XHR by default with fallback to jsonp ● on the server you need to explicitly allow cross domain connections RouteTable.Routes.MapHubs( new HubConfiguration(){ EnableCrossDomain = true });
  • 11. Things to watch out for ● You need one of the supported OS-es (>Windows Server 2008R2 or > Windows 7) ● You need .NET Framework > 4.0 ● IIS7 or 7.5 needs URL Extensions module, IIS8 has builtin support ● On the client you need jQuery 1.6.4+ ● For websockets transport you need the latest browser ● Complicated stack ● DPI ● Don’t put blocking calls in your hub methods
  • 12. SignalR alternatives ● Socket.IO + NodeJS ○ You can run it on Azure (yes it does run NodeJS :) ○ It's mature and widely used ○ It's not as integrated into .NET environment as SignalR ● SuperWebSocket ○ Multiple hosting options (windows service, console app, web app) ○ Supported on Mono ○ Lower level ● Since .NET 4.5 WCF supports Websockets as transport
  • 13. Resources ● Low level protocol introduction http://lucumr.pocoo. org/2012/9/24/websockets-101/ ● Excellent paper on websockets security http://www. adambarth.com/papers/2011/huang-chen-barth-rescorla-jackson.pdf ● Free SignalR ebook http://eduardopires.net.br/Repositorio/SignalR_eBook.pdf ● SignalR Github account https://github.com/SignalR/Samples