Monthly Archives: October 2012

Secure your ASP.NET Web API with message handlers.

Message Handlers, commonly known as DelegatingChannels in WCF or DelegatingHandlers in ASP.NET Web API, provide an essential tool for developers to access and manipulate an incoming message prior to that message reaching the HttpControllerDispatcher.

Why would this be useful? Well, you could use a custom message handler for authentication, usage metrics, request logging, the list goes on. I’ll show you an example on basic authentication via simple key validation, but it could be easily extended for OAuth, or some other form of authentication.

Continue reading