How to Return HTTP Status Code 401 (Unauthorized) from OnHeartbeatInit


What is the correct way to return HTTP status code 401 (Unauthorized) from OnHeartbeatInit event handler.

I’m currently throwing HttpError.Unauthorized (see code below) but that results in status code 500.

var session = request.GetSession();
if (session.IsAuthenticated)
  . . .
  throw HttpError.Unauthorized("Session is not authenticated.");

Thank you,


Have a look at how we’re doing it :slight_smile:

Basically in a filter you should write directly to the response instead of throwing an exception, e.g:

res.StatusCode = (int)HttpStatusCode.Unauthorized;
res.StatusDescription = "Thou shall not pass";
res.EndHttpHandlerRequest(skipHeaders: true);