void AuthenticateRequest (object sender, EventArgs e) {
// The AuthenticateRequest event is raised after the identity of the current user has been
// established. The handler for this event sets the SkipAuthorization property of the HttpContext
// for the current request. This property is checked in the authorization module to see
// if it has to omit authorization checking for the requested url. Usually an HttpModule
// use this property to allow anonymous access to some resources (for example,
// the Login Page if we’re using forms authentication). In our scenario,
// the ScriptModule sets the SkipAuthorization to true if the requested url is
// scriptresource.axd or if the authorization module is enabled and the request is a rest
// request to the authorization web service.
}