IIS Event Notifications
The AuthFilter monitors both incoming and outgoing streams of data and registers with Internet Information Services (IIS) for notification of the following events:
SF_NOTIFY_ORDER_LOW. Load the AuthFilter low so that authentication occurs at the end of a list of filters.
SF_NOTIFY_SECURE_PORT | SF_NOTIFY_NONSECURE_PORT. Support secure/non-secure requests.
SF_NOTIFY_PREPROC_HEADERS. A single SF_PREPROC_HEADERS event occurs for each page request signaling that the server has finished preprocessing the header and is about to begin processing the information inside the header. This is where cookie checking, and so on are performed by the AuthFilter.
SF_NOTIFY_URL_MAP. For mapping the URL to a physical path, correcting the URL, if required, for case sensitive virtual directory roots. Used to retrieve CS Authentication resource properties.
SF_NOTIFY_AUTHENTICATION. This notification is sent just before IIS attempts to authenticate the user. This is where the AuthFilter retrieves/sets the user ID and password.
SF_NOTIFY_ACCESS_DENIED. Access Denied. The AuthFilter redirects to a login page or error page as required
SF_NOTIFY_SEND_RESPONSE. Used to read proxy account information from the redirect (302) query string and store in cache. Also used to format a custom redirect header and body containing the first requested URL.
SF_NOTIFY_SEND_RAW_DATA. Used to filter out the original redirect request while performing a custom redirect.
SF_NOTIFY_END_OF_REQUEST. End of a particular request. The AuthFilter writes the custom redirect message back to the client.
SF_NOTIFY_END_OF_NET_SESSION. End of session; cleanup resources.