Featured

ASP.NET Core makes it extremely easy to configure authentication right out of the box with a choice from a plethora of different built-in authentication handlers. Everything from Single Sign On with Facebook to JWT to simple cookie authentication is available right out of the box. Where I found the ASP.NET Core documentation lacking was when attempting to use multiple authentication handlers at the same time. I was already using the JWT handler in my application, but I wanted to have my custom API key authentication handler run and handle authentication if no Authorization header was supplied as part of the request. Finding the answer to how to accomplish that took longer than it should have, so hopefully this blog post will save others from that same fate.

SignalR poses some small challenges when running in a load balanced environment. When you have multiple servers then some users will have SignalR connections open to one server and then some users will have SignalR connections open to another. The usual solution is to use a SignalR backplane so that all the servers in your cluster can see every SignalR message that was sent, then forward the message to the appropriate users connected to each server. This way users connected to Server B can see SignalR messages sent from Server A. Then you smack a load balancer in front of all the SignalR servers so that you can evenly distribute traffic across all of them, the only problem is that traditionally you have to use sticky sessions on your load balancer in order to make SignalR work.