Stefan Tsalapatis - 340 - Dec 15, 2013

I try to upgrade a self-hosted service in v4. but almost everything in AppHost have changed. I corrected a lot but not all. Where  are the Request filters?  How I will access the IHttpRequest.HttpMethod?  the AppHost is based to AppHostHttpListenerBase  or to ServiceStackHost ?   IF it is in ServiceStackHost, then  where is the Stop method?  is there an updated  self-hosted service example with a relatively complex configure  ?

Wayne Brantley:

IRequest is what you have.  If you cast that to IHttpRequest, you will find the HttpMethod.    I believe it is AppHostHttpListenerBase if you want to listen to standard Http requests.  The ServiceStackHost I think is a more generic implementation.  Hope that helps!

Stefan Tsalapatis:

Yes,  about IHttpMethod, IRequest resolves to ListenerRequest which implement the interface IHttpRequest. As for the AppHost,   Demis wrote in Release notes that “all AppHost’s share the same ServiceStackHost base class”.  Really, as you say, that AppHost inherits AppHostHttpListenerBase=>HttpListenerBase =>ServiceStackHost .
But where are the RequestFilters, I cannot find them. I suppose  now  is the GlobalRequestFilters ?  but I am not sure. For this reason, I was confused with AppHost.

Note: you can also get the HttpMethod from IRequest.Verb. Yes RequestFilters were renamed to GlobalRequestFilters to better match what they are and to have consistent naming with the Client GlobalRequestFilter (I’ve just added this change to release notes, thx). To Stop you can just use AppHostHttpListenerBase.Stop() which is on the HttpListenerBase base class.

Stefan Tsalapatis:

+Demis Bellot
 thanks.  I suppose this code for CORS it is still needed, in GlobalRequestFilters 
 if  ( httpReq.Verb == HttpMethods.Options)
Only in Routes the Options added automatically.
BTW, about the Stop,  I asked yesterday in SO about “gracefully shutdown”,  Scott answered and we found an interesting solution. Can you review it, or find better ?

Yeah it looks quite good for waiting until all pending requests have finished before stopping the HttpListener.

Note: the CorsFeature already includes code to handle all OPTIONS request by default (which replaces your own if you have any):

Stefan Tsalapatis:

+Demis Bellot
 The ContentTypeFilters are needed or not ?
They are missed in v4. I used them to register protobuf.

Stefan Tsalapatis:

  Maybe??  I should write only this
  container.Register<IProtoBufPlugin>(new ProtoBufFormat()); 

Instead of this in v3.

 Plugins.Add(new ProtoBufFormat() );               ContentTypeFilters.Register(ContentType.ProtoBuf,     (reqCtx, res, stream) => ProtoBuf.Serializer.NonGeneric.Serialize(stream, res),     ProtoBuf.Serializer.NonGeneric.Deserialize);

ContentTypeFilters has been renamed to ContentTypes now, I’ll add it to the release notes.

Stefan Tsalapatis:

and the ContentType.Protobuf is now  the class MimeTypes.Protobuf, probably.

Stefan Tsalapatis:

Question: What is the correct  or preferable  now, or both are equivalent.       container.Register<IProtoBufPlugin>(new ProtoBufFormat());
            Plugins.Add(new ProtoBufFormat(); 

They’re not equivalent, always use the Plugin API when its available.

Stefan Tsalapatis:

Is there any change in authentication ? I add  AuthFeature with custom session and BasicAuthProvider. It is registered but never call  the  TryAuthenticate

Not that I know of .

Stefan Tsalapatis:

+Demis Bellot  sorry, my question maybe is naive.  But  as I can see , creating only a CustomAuthenticateAttribure
 ( without providers )
 I can handle in the  Execute the authorization. Can you confirm me, please  if my thought is not viable ? thanks

I’m not sure what’s being asked, if you’re asking can I implement my own authentication with filters without needing to use the built-in authentication then yes, that’s possible. You still need to register the SessionFeature to use ServiceStack’s cookies/session which you can get with IRequest.GetSessionId() extension method, otherwise you can avoid the SessionFeature and use your own cookies. 

Stefan Tsalapatis:

+Demis Bellot
thx.  yes   the  AuthFeature should be  enabled. It enables the session too .
 It seems  then that  it works  using  the CustomAuthenticateAttribute without providers, writing code in Execute.
 I use the HttpRequestAuthentication to get  user and password and the SessionFeature .AddSessionIdToRequestFilter. I  save also in   in memory  credentials and  session-id pid  for subsequent calls.   Next call,  I check at first if  the request.GetSessionId  is stored in memory
It seems correct to me.  Is this a viable way ? 
I can end the request from there easily , but I have not find way to send an exception or message. if I throw an exception it does not pass from the ServiceRunner as the others  from service body.
Another  problem I cannot understand.  is why  in  the  first  user call,  the  CustomAuthenticate Execute fired  twice (first time the keypair of user/pwd  is null).
thx again

Still unsure what’s being asked. Is it viable to store and use sessionIds in memory? yes, tho when your AppDomain recycles the memory resets itself so you’ll lose the session. Is the next problem how to write a response in a filter? You can just write it to the response stream, here’s an example: