IIS 7 - If Error 403.4 occurs, BeginRequest event doesn't trigger

Question

Hi, all:

I am testing my own http module and studying IIS integrated pipeline at same time. In my module, I registered events: RQ_BEGIN_REQUEST, RQ_END_REQUEST, RQ_AUTHENTICATE_REQUEST, RQ_AUTHORIZE_REQUEST

My website has one page require SSL, others don't. When other http:// pages requested, all 4 events are triggered. When this page is requested using http:// rather than https://, server returns "403.4 The page you are trying to access is secured with Secure Sockets Layer (SSL)." However, only EndRequest event is triggered in this case. Why is this? If I use https://, then everything is fine.

Answer 1

I have done experiment and find answer to my question.

When client request page, which requires SSL, with non-SSL (http://) method, IIS Web Core sets response error code to 403.4 in its BeginRequest event handler. BeginRequest events for other Http request modules are supressed, only LogRequest and EndRequest events are triggered.

So in order to capture all such client requests and redirect http:// requests to https://, global module is needed instead of Http request module. In global module code, register event handler for GL_PRE_BEGIN_REQUEST.