我正在尝试在 ASP.NET WebAPI 项目中记录整个传入请求和传出响应。虽然我同意 DelegatingHandler,但我的雇主坚持使用 HttpModule。您如何向她解释为什么我们应该使用 DelegatingHandler 而不是 HttpModule?还是我错了?
最佳答案
我会使用 DelegatingHandler . DelegatingHandler是 Web API 管道的一部分,可以在任何主机下运行。 HttpModule 不是 Web Api 的一部分,需要 IIS。
虽然与您的问题没有直接关系,但我将引用以下内容 MSDN突出显示两者(包括差异)的文章:
HTTP Module This is an option for Web APIs running on IIS. HTTP modules allow security code to execute early as part of the IIS pipeline. The principal established from an HTTP module is available to all components, including the IIS components running later in the pipeline. For example, when the principal is established by an HTTP module in response to the AuthenticateRequest event, the username of the principal gets logged correctly in the cs-username field in IIS logs. The biggest drawback with HTTP modules is the lack of granularity. HTTP modules run for all requests coming into the application. For a Web application with different capabilities such as HTML markup generation, Web APIs and so on, having an HTTP module enforcing authentication in one way is generally not a flexible-enough approach. Another disadvantage with using an HTTP module is the dependency on the host—IIS, in this case.
Message Handler An extensibility option provided by ASP.NET Web API, the greatest benefit in using a message handler for security is it’s a concept of the ASP.NET Web API framework and, hence, doesn’t depend on the underlying host or server. Also, a message handler runs only for Web API requests. The downside of using a message handler is the lack of finer control. A message handler can be configured to run as a global handler for all requests or for a specific route. For a given route, you can have multiple controllers. All these controllers and the action methods they contain must share the same authentication enforced by the message handler configured for that route. In other words, the lowest granularity for authentication implemented by a message handler is at the route level.
关于c# - HttpModule 与 DelegatingHandler - 优点/缺点?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39373219/