This sample illustrates how to implement an authentication filter with ISAPI.
The filter uses the HTTP_FILTER_AUTHENT structure to determine the unmapped username of the user accessing IIS. The filter then tries to map that username to a Windows user account.
If a match is not found, the filter returns an error, with SF_STATUS_REQ_ERROR, and the last error is set to ERROR_ACCESS_DENIED. If an Windows account match is found, the user is logged in to the server.
This project is available in the ...\isapi\extensions\authentication subdirectory of the IIS samples directory.