I have a WCF that is being secured using a custom UserNamePasswordValidator. I need to access what normally would be available in:
OperationContext.Current.RequestContext.RequestMessage.Headers.To
so I can parse the URL. However, OperationContext.Current is null. Is there a way to get at the message header without OperationContext?
Yes, it is possible through Message Inspectors.
The OperationContext is not available during the UserNamePasswordValidator.Validate method because it will be created later in the pipeline, when the call has been dispatched to the appropriate service method.
Normally you would intercept incoming and outgoing messages early in the WCF pipeline by using Message Inspectors. However this won't work in your case, since Message Inspectors are invoked only after the request has successfully been authenticated.
If you need to inspect the incoming HTTP request before authentication, your only option is to host your WCF service in IIS running in ASP.NET Compatibility Mode. This way you'll be able to access the request's URL through the HttpContext class:
public override void Validate(string userName, string password)
{
string url = HttpContext.Current.Request.Url.AbsoluteUri;
}
Related resources:
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With