OnFailedAuthentication not called after TryAuthenticate fails

I have a CredentialsAuthProvider implementation that should return a custom payload instead of the default “ErrorMessages.InvalidUsernameOrPassword” when authentication fails.

The current implementation of DigestAuthProvider.Authenticate throws an HttpError on the last line of the method where I would expect it to call the OnFailedAuthentication message. Is there a way around this or is this intended behavior?

Sorry if the question was already posted somewhere - I couldn’t find a comparable question via the search.

Thanks,
Robert van Drunen

Do you mean this line?

OnFailedAuthentication is called when Authentication fails inside the Request pipeline, in the Authenticate() method it always throws a HttpError. You could override Authenticate() with your own custom impl e.g. you can call base.Authenticate() in a try/catch and call OnFailedAuthentication () yourself.

Yes, that one.

I totally missed the overridable Authenticate above it - that’s my way out. Thanks.