public override void OnAuthorization(HttpActionContext actionContext)
{
var input = actionContext.Request;
var principal = PrincipalHelper.GetPrincipalFromHttpRequest(input);
if (principal == null)
{
throw UnauthorizedException();
}
var user = Membership.GetUser(principal.Identity.Name);
if (user == null)
{
throw UnauthorizedException();
}
PrincipalHelper.SetPrincipal(input, principal);
base.OnAuthorization(actionContext);
}