The inner handler has not been assigned using WebApi Delegating handler

I have got a problem with WebApi throwing an exception here in my code:

public class WebApiAuthenticationHandler : DelegatingHandler
        private const string AuthToken = "AUTH-TOKEN";

        protected override Task<HttpResponseMessage> SendAsync(
            HttpRequestMessage request, CancellationToken cancellationToken)
            var requestAuthTokenList = GetRequestAuthTokens(request);
            if (ValidAuthorization(requestAuthTokenList))
                // EXCEPTION is occuring here!....
                return base.SendAsync(request, cancellationToken);

            ** This will make the whole API protected by the API token.
            ** To only protect parts of the API then mark controllers/methods
            ** with the Authorize attribute and always return this:
            ** return base.SendAsync(request, cancellationToken);
            return Task<HttpResponseMessage>.Factory.StartNew(
                () =>
                    var resp = new HttpResponseMessage(HttpStatusCode.Unauthorized)
                        Content = new StringContent("Authorization failed")

                    //var resp = new HttpResponseMessage(HttpStatusCode.Unauthorized);                                                                                   
                    return resp;

The exception is happening on the line:
base.SendAsync(request, cancellationToken);

I haven’t a clue how to fix this. I have the following in my route table:
    routes.MapHttpRoute("NoAuthRequiredApi", "api/auth/", new { Controller = "Auth" });
    routes.MapHttpRoute("DefaultApi", "api/{controller}/{id}", new { id = RouteParameter.Optional }, null, new WebApiAuthenticationHandler());

The route this happens on is the DefaultApi route. Any help greatly appreciated….


Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Found the answer here and an example handler here.

You need to set the InnerHandler you want the request passed on to.

Simply add this to your constructor:

public class WebApiAuthenticationHandler : DelegatingHandler
    public WebApiAuthenticationHandler(HttpConfiguration httpConfiguration)
        InnerHandler = new HttpControllerDispatcher(httpConfiguration); 

And pass in a reference to GlobalConfiguration when creating a new instance:
routes.MapHttpRoute("DefaultApi", "api/{controller}/{id}", new { id = RouteParameter.Optional }, null, WebApiAuthenticationHandler(GlobalConfiguration.Configuration));

Method 2

Sometimes you should check the RESTful Url you request if it really does exist in your controller. I have ever encountered this kind of exception which was caused by the wrong URL match. thanks.

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments
Would love your thoughts, please comment.x