private void Unauthorized()
{
// HACK: Prevent ASP.NET Forms Authentication to redirect the user to the login page.
// This thread-safe approach adds a header with the suppression to be read on the
// OnEndRequest event of the pipelien. In order to fully support the supression you should have the ASP.NET Module
// that does this (SuppressFormsAuthenticationRedirectModule).
var response = new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
response.Headers.Add(SuppressFormsAuthenticationRedirectModule.SuppressFormsHeaderName, "true");
throw new HttpResponseException(response);
}
