An earlier article describes how an MVC filter is added to the WebSocketHandler endpoint to add a security layer to this connection. Read more details about when this is required and recommended in the mentioned article.

In ASP.NET Core Web Applications, the WebSocketHandler is added through a middleware. A middleware is code added to the app pipeline to handle specific requests.

The following class WebSocketSecurityMiddleware must be implemented in your project. It checks for incoming WebSocket requests and their protocol. In case, it is a TX Text Control WebSocket request (protocol: TXTextControl.Web), a given access token from the query string is checked. This very simple check is for demo purposes only. In real-world applications, the access token should be any identity token implemented through OAuth or any other security architecture.

Loading...

In the Configure method of the Startup.cs file that configures the HTTP request pipeline, add the security middleware before the WebSocketMiddleware:

Loading...

In the view, call the WebSocketURL property with an access token that will be used for the comparison in the security middleware:

Loading...