public override ReadOnlyCollection<IAuthorizationPolicy> Authenticate(ReadOnlyCollection<IAuthorizationPolicy> authPolicy, Uri listenUri, ref Message message)
        {
            IncomingWebRequestContext request = WebOperationContext.Current.IncomingRequest;
            WebHeaderCollection headers = request.Headers;

            string token = null;
            if (headers["token"] != null)
            {
                token = headers["token"];
            }
            IPrincipal user = new CustomPrincipal(token);

            message.Properties["Principal"] = user;

            message.Properties["hello"] = "world";
            return authPolicy;
        }
        public HttpCookie Authenticate(User user)
        {
            JavaScriptSerializer serializer = new JavaScriptSerializer();
            //FormsAuthentication.SetAuthCookie(user.Username, false);

            var principal = new CustomPrincipal(user.Username);

            principal.Id       = 1;
            principal.FullName = user.Username;
            principal.Password = user.Password;
            string userData = serializer.Serialize(principal);

            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, user.Username,
                                                                                 DateTime.Now,
                                                                                 DateTime.Now.AddMinutes(15),
                                                                                 false,
                                                                                 userData);

            string     encTicket = FormsAuthentication.Encrypt(authTicket);
            HttpCookie faCookie  = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);

            return(faCookie);
        }