/// <summary> /// Authorization function which will check for a valid Nessus token, throws 403 exception if not valid /// </summary> protected void OnAuthorization() { // The authorization process can be short-circuited for testing by web.config key DoAuthorization string DoAuthorization = ConfigurationManager.AppSettings["DoAuthorization"]; if (!string.IsNullOrEmpty(DoAuthorization) && DoAuthorization == "false") { return; } string token = getNessusAuthorization(); if (!authRepository.IsValidNessusToken(token)) { throw new HttpResponseException(HttpStatusCode.Forbidden); } }