Here are the answers to your questions (you need to read number 2 to understand Interceptors and Inspectors a bit):
1. Solving the problem (you need to add your own code logic to it)
Inject the IDispatchMessageInspector into the following code. Note that the name of the next class must be changed to inspector, but as you mentioned, you cannot change it, so you must implement the interface here. Otherwise, it is recommended to create another class with the suffix Matching Inspector and its implementation.
public class AuthenticationInterceptor : RequestInterceptor, IDispatchMessageInspector {
2. The difference between RequestInterceptor and MessageInspectors
In any message on the client server there can be two important phases of communication. First, when the client establishes a connection with the server and the second, when they both exchange data.
When establishing a connection, there is no need for the client that is trying to establish the connection to be a valid client. This may be an unauthorized request, or it is possible that the request is valid, but not intended for the designated server and requires authorization or redirection of the connection.
A good example of a redirect is:
you want regional clients / servers to avoid communication between regions, but one of the clients (which is valid), but trying to connect to another regional server.
You want the servers to selectively decide whether you want to allow client-server interworking for several exceptional users.
There may be even more complex redirection scripts that go beyond the scope of this answer.
Thus, in WCF, the Rest starter kit provides an additional option to intercept the request during the connection setup phase. The interceptor (in your case, AuthenticationInterceptor) must authenticate such requests, and if the request is invalid, it can register the necessary records and simply reject the processing of any connection further from this rejected client / session.
We have many advantages of having a RequestInterceptor:
This helps us verify the incoming request at a very early stage.
This can help us create custom authenticators or redirect components.
It blocks any further processing of messages during the request phase itself, which is very important to prevent unnecessary loading from the WCF / server service.
Message Inspector: MessageInspectors can be considered as part of the second phase of client-server interaction, when the request is verified and the connection is well established, and thus the time when the client-server should begin to communicate, passing messages to each other. Now, in your application environment, it is possible that messages will be sent using a binary, xml or json-serialized format. Ciphers may be applicable.
For example, it is possible that a message arrives from client A and is transmitted to server B server now Queues it to another server C, which can wait for additional information from another server D. As soon as server D provides information, server C, which has a message in the queue, additionally joins the raw message received from server B and server D, transfers it to another service for deserialization and converting it to something meaningful, which can be returned to server B and B, returns it back to the client the A.
Pretty complicated, isn't it? But multi-server authentication, such as credit card payments using a mobile PIN, works the same way, although it may not be exactly the same, but even more complex.
At WCF, interceptors and inspectors can work together, and their responsibilities are different. The interceptor checks the end user / connection / redirection, and the inspector checks / processes the message.
A few points:
You can create your own message inspectors by implementing the client side IClientMessageInspector and server side IDispatchMessageInspector.
You can implement both interfaces in one class if you own both client and server components.
Here, in your case, you need to implement IDispatchMessageInspector.
The class that implements IDispatchMessageInspector does not intercept, as I mentioned earlier, but is designed to "check" the incoming message and any outgoing message, and this inspector can be connected using configurations when the message arrives from the client.
Please note that by this time at the levels of the Inspector, any incoming message is already processed at different levels of the channel stack and assigned to the WCF service to process this request. If you use any kind of encryption between them, the message is already decrypted. But the message has not yet been deserialized.
Using your custom inspector - perhaps your system implements its own serialization format, such as (SWIFT / FIX protocol in the banking system) or another level of ZIP / Unzip encoding, etc.
This user inspector can deserialize the data and pass it to your COMP component, which is actually designed to work with deserialized data.
The IDispatchMessageInspector interface has two methods that must be implemented:
a) AfterReceiveRequest and
b) BeforeSendReply (ref Message, Object).
AfterReceiveRequest is a method that can desert data and passes it to a COMP, and the BeforeSendReply method is a method that serializes the data again and performs any operation on the message.
You can use the behavior to attach MessageInspectors for each message your web service receives. Both, custom interceptors and inspectors are primarily designed for use on an enterprise platform or highly customizable platforms.
Hope this answer helps you. You can read more at the following links (maybe you went through the first one):
http://msdn.microsoft.com/en-us/library/ee391967.aspx
http://msdn.microsoft.com/en-us/library/aa717047 (v = vs .110) .aspx
Relations Kajal