Hosting Options
When the transport property is set to ttHTTP, the MCPServer class may be hosted via an external server framework like ASP.NET Core, via an embedded HTTP server, or in a fully offline mode. The processing_mode property should be set according to the type of hosting option used. Possible hosting options are:
The following aspects of class use and behavior are impacted by hosting options:
- Processing Inbound Requests
- Authentication
- Configuration Requirements
- Connection Security
- Sending Responses
Embedded Server
Processing Inbound Requests
When functioning in embedded server mode, the component's start_listening method causes the embedded web server to begin listening for inbound MCP requests. The and properties must be set prior to starting the server.
if (procmode == MCPServerProcessingModes.modeEmbeddedServer)
{
server.ServerSettings.LocalHost = "localhost";
server.ServerSettings.LocalPort = "80";
server.StartListening();
}
The stop_listening method disconnects any connected clients and stops listening.
Configuration Requirements
The embedded server's behavior is configured via the server_settings property and the server_cert property. These settings control the local interface and port on which the server listens, as well as the allowed authentication methods.
Authentication
When hosting MCPServer using the embedded web server, the property determines which authentication schemes the embedded server will allow.
Connection Security
When using the embedded server, the server hosts a plaintext (HTTP) endpoint by default. The server_cert property is used to enable TLS for secure connections. When server_cert is set to a TLS certificate, the embedded HTTP server will use and require TLS for inbound HTTPS connections.
Sending Responses
The type of HTTP response generated by the class depends on logic that occurs within events that fire as the class processes requests.
After processing a request, the class automatically sends an HTTP response according to the MCP standard. Errors are reported to the client via HTTP error responses, and success is reported via 200 OK. The contents of the response depend on the specific operation performed.
External Server
Processing Inbound Requests
When functioning in external server mode, the external server framework listens for HTTP requests. The HttpContext object must be passed explicitly to the class to process the request.
Authentication
Authentication occurs outside the scope of MCP SDK when using the external server mode. Prior to passing the to the class via process_request, the incoming request should be authenticated using the appropriate mechanism. For instance, an ASP.NET Core application may require basic or NTLM authentication to access the endpoint where the request will be processed. Once the request has been authenticated through external verification, the should be passed to the process_request method.
Configuration Requirements
External servers may require configuration such that MCP requests can be passed to MCP SDK. The details depend on the framework used to build the external server.
Connection Security
When hosting the class via an external server, the security settings in the external server framework determine connection security. The class has no impact on TLS in this processing mode.
Sending Responses
The type of HTTP response generated by the class depends on logic that occurs within events that fire as the class processes requests.
Offline Mode
Processing Inbound Requests
When functioning in offline mode, the class uses the request and request_headers properties to read inbound requests. These properties should be set to the request body and headers, respectively, before processing the request by calling the process_request method with .
In offline mode, the class will not attempt to send a response to clients. Instead, the response and response_headers properties are set to the body content and headers, respectively, of the response.
Authentication
Authentication is fully outside the scope of the class when using offline mode. The class will process requests without any direct checks for authentication.
Configuration Requirements
In offline mode, the class is agnostic to any process that occurs prior to setting the request and request_headers properties, and as such does not require any additional configuration.
Connection Security
In offline mode, the class does not have a live connection to a client, so connection security is not directly relevant to the class's operation.
Sending Responses
The type of HTTP response generated by the class depends on logic that occurs within events that fire as the class processes requests.
After processing a request in offline mode, the class will populate the response and response_headers properties with the content of the response. This data can be extracted from these properties and returned to the client using whatever approach is appropriate.