/// <summary>
/// Provides a hook for overriding default authentication of incoming user credentials.
/// </summary>
/// <remarks>
/// Overriding methods should throw <see cref="DreamAbortException"/> if the user cannot be authenticated.
/// </remarks>
/// <param name="context">Request context.</param>
/// <param name="message">Request message.</param>
/// <param name="username">Request user.</param>
/// <param name="password">User password.</param>
protected void Authenticate(DreamContext context, DreamMessage message, out string username, out string password)
{
if (!HttpUtil.GetAuthentication(context.Uri, message.Headers, out username, out password))
{
throw new DreamAbortException(DreamMessage.AccessDenied(AuthenticationRealm, "authentication failed"));
}
}