logicbomb/gist:4236277

## gistfile1.cs
//set up fake it easy
var authService = A.Fake<IAuthenticationService>();
var connFactory = A.Fake<IDbConnectionFactory>();
var publisher = A.Fake<IPublisher>();

var identity = A.Fake<IUserIdentity>();
A.CallTo(() => identity.Claims).Returns(new List<string> {"Admin"});
A.CallTo(() => identity.UserName).Returns("test@example.com");

A.CallTo(()=>authService("test@example.com", "password")).Returns(new User{Id=1, Claims=new List<string> {"admin"});

A.CallTo(() => _authenticationService.GetUserFromIdentifier(Guid.Empty, null))
  .WithAnyArguments()
  .Returns(identity);

// set up forms auth
var cryptographyConfiguration = new CryptographyConfiguration(new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] {1, 2, 3, 4, 5, 6, 7, 8}, 1000)), DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] {1, 2, 3, 4, 5, 6, 7, 8}, 1000));

var config = new FormsAuthenticationConfiguration()
{
  CryptographyConfiguration = cryptographyConfiguration,
  RedirectUrl = "/login",
  UserMapper = _authenticationService,
};

FormsAuthentication.Enable(A.Fake<IPipelines>(), config);

//bootstrap and browse
var bootstrapper = new ConfigurableBootstrapper(c =>															{
//  I'm not sure what DisableAutoRegistration is all about, nothing is changes whether or not it's called
  //c.DisableAutoRegistration();
  c.Dependency<ICommandPublisher>(publisher);
  c.Dependency<IDbConnectionFactory>(connFactory);
  c.Dependency<IAuthenticationService>(authService);
  c.Modules(new Type[] { typeof(LoginModule) });
});

bootstrapper.Initialise();
var browser = new Browser(bootstrapper);
var response = browser.Post("/login", with => {
  with.HttpRequest();
  with.FormValue("Email", "test@example.com");
  with.FormValue("Password", "password");
}).Then.Get("/some-page-that-requires-admin-claims");
	//set up fake it easy
	var authService = A.Fake<IAuthenticationService>();
	var connFactory = A.Fake<IDbConnectionFactory>();
	var publisher = A.Fake<IPublisher>();

	var identity = A.Fake<IUserIdentity>();
	A.CallTo(() => identity.Claims).Returns(new List<string> {"Admin"});
	A.CallTo(() => identity.UserName).Returns("test@example.com");

	A.CallTo(()=>authService("test@example.com", "password")).Returns(new User{Id=1, Claims=new List<string> {"admin"});

	A.CallTo(() => _authenticationService.GetUserFromIdentifier(Guid.Empty, null))
	.WithAnyArguments()
	.Returns(identity);

	// set up forms auth
	var cryptographyConfiguration = new CryptographyConfiguration(new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] {1, 2, 3, 4, 5, 6, 7, 8}, 1000)), DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] {1, 2, 3, 4, 5, 6, 7, 8}, 1000));

	var config = new FormsAuthenticationConfiguration()
	{
	CryptographyConfiguration = cryptographyConfiguration,
	RedirectUrl = "/login",
	UserMapper = _authenticationService,
	};

	FormsAuthentication.Enable(A.Fake<IPipelines>(), config);

	//bootstrap and browse
	var bootstrapper = new ConfigurableBootstrapper(c => {
	// I'm not sure what DisableAutoRegistration is all about, nothing is changes whether or not it's called
	//c.DisableAutoRegistration();
	c.Dependency<ICommandPublisher>(publisher);
	c.Dependency<IDbConnectionFactory>(connFactory);
	c.Dependency<IAuthenticationService>(authService);
	c.Modules(new Type[] { typeof(LoginModule) });
	});

	bootstrapper.Initialise();
	var browser = new Browser(bootstrapper);
	var response = browser.Post("/login", with => {
	with.HttpRequest();
	with.FormValue("Email", "test@example.com");
	with.FormValue("Password", "password");
	}).Then.Get("/some-page-that-requires-admin-claims");