How to Customize ASP.NET Web API AuthorizeAttribute for Unusual Requirements
The best solution for my scenario appears to be bypass the base OnAuthorization completely. Since I have to authenticate each time cookies and caching the principle are not of much use. So here is the solution I came up with: public override void OnAuthorization(HttpActionContext actionContext) { string username; string password; if (GetUserNameAndPassword(actionContext, out username, out … Read more