Setting Application Mappings (IIS 6.0)
Because you can choose from many programming and scripting languages when you develop Web applications, IIS uses the file name extension of a requested resource on your Web site to determine which ISAPI or CGI program to run to process a request. For example, a request for a file with an .aspx extension causes the Web server to call the ASP.NET ISAPI (Aspnet_isapi.dll) to process the request. The association of a file name extension with an ISAPI or CGI program is called application mapping (or sometimes script mapping or application extension mapping).
IIS 6.0 is preconfigured to support common application mappings. You can add or remove mappings for all of the applications on a Web site or for an individual application. Use IIS Manager to map a file name extension to an application or remove an application mapping. For more information about setting application mappings, see Setting Application Mappings in IIS 6.0.
Benefits of Using Wildcard Application Mappings Instead of ISAPI Filters
You can configure a Web site or virtual directory to run any number of ISAPI applications at the beginning of every request to that Web site or virtual directory, regardless of the file name extension of the requested file. This type of configuration, which can only be an ISAPI application, is called wildcard application mapping.
When an IIS Web server receives a request from a client, the Web server looks at the file name extension for the requested file to determine whether an ISAPI or CGI application handles that file type. For example, if a request comes in for a Web page called Default.asp, IIS knows from its default application mappings that ASP files are handled by the Asp.dll ISAPI extension.
Prior to wildcard application mapping, if you wanted certain tasks to be executed for every client request before the requested page was sent to its mapped application, you had to write an ISAPI filter that intercepted requests as they arrived. Wildcard application mapping offers an alternative to ISAPI filters. Although ISAPI filters are excellent for the functions that they perform, they have a more narrow use than do ISAPI applications.
For example, when you use wildcard application mapping, your ISAPI application:
For more information about ISAPI filters, see Installing ISAPI Filters.
Request Handling with Wildcard Application Mappings
Highly secure Web applications, such as banking applications, require that every user who makes a request be authenticated against a database of user names, passwords, and account numbers. After the user is authenticated, certain rules are applied that specify what information the user can access. If the wildcard application map determines that the user has no rights, it can prevent the request from going any farther, or it can redirect the request to a new Web page.
You can implement a custom authentication and authorization scheme like this in an ISAPI application that you install as a wildcard application mapping, and all users must go through authentication regardless of the file type of their requests. For example, when you install wildcard application mappings, IIS processes a client request in this way: