public void WhenPreAuthenticateAndNoSignature_ThenCreatesNoSession()
{
var request = new MockHttpRequest();
var response = new MockHttpResponse(request);
provider.PreAuthenticate(request, response);
var session = request.GetSession();
Assert.That(session.Id, Is.Not.Null);
Assert.That(session.IsAuthenticated, Is.False);
}
