public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext) { base.OnActionExecuting(actionContext); var session = HttpContext.Current.Session; string ipaddress = string.Empty; if (actionContext.Request.Properties.ContainsKey("MS_HttpContext")) { ipaddress = ((HttpContextWrapper)actionContext.Request.Properties["MS_HttpContext"]).Request.UserHostAddress; } else if (actionContext.Request.Properties.ContainsKey(RemoteEndpointMessageProperty.Name)) { RemoteEndpointMessageProperty prop; prop = (RemoteEndpointMessageProperty)actionContext.Request.Properties[RemoteEndpointMessageProperty.Name]; ipaddress = prop.Address; } if (IsPreLoginRequest(actionContext)) { return; } if (session["authinfo"] == null) { string localURL = actionContext.Request.RequestUri.LocalPath.ToLower(); string method = RequestUtil.GetAction(localURL); if (!localURL.ToLower().EndsWith("SaveFBDetails".ToLower()) && !localURL.ToLower().EndsWith("Register".ToLower()) && !localURL.ToLower().EndsWith("Login".ToLower())) { throw new AppException(ErrorCode.INVALID_SESSION); } } else { ResetAppRequestContext(session, ipaddress); } }