public void ApplyingSecurity_DoesNotSetAuthorizationHeader() { // Arrange var basicAuth = new Anonymous(); var request = new HttpRequestMessage(); // Act basicAuth.ApplySecurity(request); var actualAuthorizationHeader = request.Headers.Authorization; // Assert Assert.IsNull(actualAuthorizationHeader); }