Export (0) Print
Expand All

AuthFilter

Commerce Server 2002

AuthFilter is an ISAPI filter provided with Commerce Server 2002. AuthFilter alters the default behavior of IIS and affects how HTTP requests and responses are handled.

By default, when AuthFilter is used, it is installed at the IIS site level with low priority. This means that if other ISAPI filters are running in IIS, they will process requests before AuthFilter does. If ISAPI filters from other applications, or custom ISAPI filters, are installed on your Web server, you can configure these ISAPI filters at a higher priority if you want those filters to process requests before AuthFilter does.

AuthFilter can be used in different authentication modes. For information about the AuthFilter modes, see Overview of AuthFilter Authentication Modes.

Regardless of the authentication mode, when AuthFilter is notified of an incoming request, it automatically does the following:

  • Detects whether the requested URL is correct. AuthFilter automatically corrects for the case sensitivity of the Internet Information Services (IIS) virtual directory roots.

    Ee796589.caution(en-US,CS.20).gif Caution

    • AuthFilter issues a redirect to correct the case in the requested URL. Any Post data in the requested URL is lost.
  • Checks whether the browser supports cookies. If the client browser does not support cookies, AuthFilter redirects the user to a no cookie page. AuthFilter requires that browsers support cookies.

    Ee796589.caution(en-US,CS.20).gif Caution

    • AuthFilter issues a redirect when it verifies if the browser supports cookies. This verification is done for only the very first request, that is made during the session. Any Post data in the requested URL is lost.
  • Checks that the user has a valid ticket. For Windows and Custom Authentication modes, if the request does not contain a valid MSCSAuth ticket, then the request is redirected to the Login.asp page. For Autocookie mode, if the request does not have a valid MSCSProfile ticket, then the request is redirected to the autocookie.asp page.

After performing these tasks, AuthFilter performs additional tasks, depending on the authentication mode.

This section contains:

Copyright © 2005 Microsoft Corporation.
All rights reserved.
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft