/// <summary>
/// Raises the <see cref="Authenticate"/> event.
/// </summary>
protected virtual void OnAuthenticate(BasicAuthenticationEventArgs e)
{
if (e == null)
throw new ArgumentNullException("e");
BasicAuthenticationEventHandler handler = Authenticate;
if (handler != null)
handler(this, e);
}
/// <summary>
/// Raises the Authenticate event and then allows access to the
/// authenticated identity by installing it as the user making the
/// current request.
/// </summary>
protected virtual void Allow(HttpContext context, IIdentity identity, object userToken)
{
//
// Raise the Authenticate event. This gives the application the
// chance to, for example, catch the event in Global.asax and
// set a custom principal upon authentication.
//
BasicAuthenticationEventArgs eventArgs = new BasicAuthenticationEventArgs(context, identity, userToken);
OnAuthenticate(eventArgs);
//
// If no user was set into the context by the event handler(s)
// and a user object was supplied, then install it into the
// context now.
//
if (context.User == null && eventArgs.User != null)
context.User = eventArgs.User;
//
// No user set so far? Let's create a generic one with no roles.
//
if (context.User == null)
{
IPrincipal user = userToken as IPrincipal;
if (user == null)
user = new GenericPrincipal(eventArgs.Identity, null);
context.User = user;
}
}