protected void Application_PostAuthenticateRequest(Object sender, EventArgs e) { HttpCookie authCookie = Request.Cookies[AuthToken.AuthTokenKey]; if (authCookie != null) { var authToken = AuthToken.Decrypt(authCookie.Value); var validator = StructuremapConfig.StructureMapResolver.Container.GetInstance <IAuthValidator>(); var permissions = validator.ValidateToken(authToken); if (permissions != null) { HttpContext.Current.User = new VkAppPrincipal(authToken.Role, permissions); } } }