ServiceStack auth with WebApi

Hi, probably a use-case you’re not going to get again. Not an issue with SS, but any guidance greatly appreciated.

I am evaluating telerik reporting engine, and they supply 2 REST service implementations that the html report viewer interacts with, 1) a WebApi and 2) SS v3. The WebApi works fine as I have a separate MVC “Frontend” and a SS back-end which is configured via a virtual directory.

However, I’m not sure how I can secure the reporting service. The Controller provided in ServiceStack.Mvc is a MVC (rather than WebApi) controller so the ApplyServiceStackFiltersAttribute won’t work. Now obviously I can:

a) examine ServiceStack.Mvc code and try to re-factor the general idea to work with WebApi.
b) buy Telerik’s product and try to re-build their SS v3 implementation in SS v4.

But before I go down either of these rabbit-holes I’m just wondering if I there’s an obvious thing I’m missing?


If this is in ASP.NET you can access the Users Session with:

var req = HostContext.TryGetCurrentRequest();
var session = req.GetSession();
if (session.IsAuthenticated)

Awesome - as long as I hook up redis so it can resolve the session, all works. Many thanks.