I had assignment to implement some custom encryption scheme on IIS. I first checked out ISAPI filters, but found out that they are deprecated and SSL is no go, because of device limitation and I was unable to find low resource native encryption supported by IIS.
I am playing whit HttpModules.
So when I catch BeginRequest I store HttpApplication.Request.ServerVariables["REMOTE_PORT"] and HttpApplication.Request.ServerVariables["REMOTE_HOST"] and this is way to handle sockets based session.
Only remaining problem I have is how to release this resources once the socket is disconnected , because reference is other way never released.
I tried whit handling HttpApplication.Session, but they do not work as expected, because http sessions are not handled at this sub http level.