Is there a way to react to tokenValidator in a different way?

[rosswil...@googlemail.com]

Essentially is it possible to validate a token without returning a 400?

My use case is this. I want to accept all requests via membrane and validate their token.  Whether this was validated or not I want to then ping them off to our in-house authorisation server which will decide which resources we can view and provide any advice regarding the result and continue on from there.

My problem is that as soon as my request hits <tokenValidator>, it throws out a 400 and that's that.  Is there an easy config way of dealing with this?