HTTP_FILTER_ACCESS_DENIED

IIS includes a pointer to this structure when a user is presented with an Access Denied error message. If your filter should be notified for this event, it should register for the SF_NOTIFY_ACCESS_DENIED event.

typedef struct _HTTP_FILTER_ACCESS_DENIED
{
const CHAR * pszURL;           //Requesting URL
const CHAR * pszPhysicalPath;  //Physical path of resource
DWORD        dwReason;         //Bitfield of SF_DENIED flags
} HTTP_FILTER_ACCESS_DENIED, *PHTTP_FILTER_ACCESS_DENIED
 

Members

pszURL

The URL that requested access to the resource.

pszPhysicalPath

The physical path of the resource that was requested.

dwReason

A DWORD containing flags that indicate the reasons for the denial. Can be one of the following values.

Value	Meaning
SF_DENIED_LOGON	The client could not be logged on.
SF_DENIED_RESOURCE	The resource was security by a Windows NT® ACL.
SF_DENIED_FILTER	An ISAPI Filter denied the request.
SF_DENIED_APPLICATION	An ISAPI or CGI Application denied the request.
SF_DENIED_BY_CONFIG	The server configuration denied the request. For example, disabling Anonymous requests on the server would generate this filter notification when a user without credentials tried to make a request to the server.

Remarks

This structure indicates that the requested resource has been denied by the server. The structure is generated when there has been a logon failure, or if an ISAPI filter has requested a resource that has an associated Access Control List that does not include the logged on user.

The server will automatically include the supported authentication schemes when an ISAPI extension, filter, or CGI script returns a 401 Access Denied error code.