Is it possible to write custom authenticator that will:
1) Has top priority (executed first) - YES
2) Be executed only when certian header will be present in the request - YES
3) Return 401 Unauthorized if credentials will be wrong AND respond to the user immedietally without executing system authenciators (HTTP BASIC etc) - ???