I've got a WebApi2 Owin self-host app using Autofac DI integration. Recently I spent some time troubleshooting an issue with middleware constructor injection without any hints or any useful exception details and wondering how I should improve the code below to provide error details in all cases. I'm using the recommended approach for global error handling but looks like it doesn't handle everything. Consider the following snippets:
Middleware:
public class ClientCertificateAuthenticationMiddleware : AuthenticationMiddleware<ClientCertificateAuthenticationOptions>
{
IClaimAuthorizationProvider claimProvider;
public ClientCertificateAuthenticationMiddleware(OwinMiddleware next, ClientCertificateAuthenticationOptions options, IClaimAuthorizationProvider claimProvider)
: base(next, options)
{
this.claimProvider = claimProvider;
}
protected override AuthenticationHandler<ClientCertificateAuthenticationOptions> CreateHandler()
{
return new ClientCertificateAuthenticationHandler(claimProvider);
}
}
App builder, DI configuration
HttpConfiguration config = new HttpConfiguration();
// error handling
config.Services.Replace(typeof(IExceptionHandler), new GlobalExceptionHandler());
config.Services.Add(typeof(IExceptionLogger), new GlobalExceptionLogger());
config.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Always;
// DI registrations
var builder = new ContainerBuilder();
builder.RegisterApiControllers(Assembly.GetExecutingAssembly());
builder.RegisterType<ClaimAuthorizationProvider>().As<IClaimAuthorizationProvider>().InstancePerLifetimeScope();
// missing registration causing the error
//builder.RegisterInstance(new ClientCertificateAuthenticationOptions());
builder.RegisterType<ClientCertificateAuthenticationMiddleware>().InstancePerRequest();
var container = builder.Build();
config.DependencyResolver = new AutofacWebApiDependencyResolver(container);
// integrate Autofac into Owin pipeline
appBuilder.UseAutofacMiddleware(container);
appBuilder.UseAutofacWebApi(config);
appBuilder.UseWebApi(config);
With this configuration I was getting the following response, without IExceptionHandler and IExceptionLogger being hit:
HTTP/1.1 500 Internal Server Error
Content-Length: 0
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 19 Oct 2015 07:55:00 GMT
The cause of the problem was quite trivial - missing dependency registration (the one commented out), but without any error details it wasn't easy to nail it down, so My question is: How do I configure the app so that ALL exceptions, absolutely Everything that is unhandled gets logged with details? (Something I was expecting from IExceptionHandler)
I think the global (webapi) error handler and error logger are intercepting exceptions in the Webapi tier/middleware. For all the other middlewares, like the custom authentication above, you have to take care of error handling/logging.