ISAPI is an acronym of Internet Server Application Programming Interface, a Microsoft set of standard application programming interfaces (APIs) for developing extensions to Internet Information Services (IIS).
Internet Server API (ISAPI) provides developers with a powerful way to extend the functionality of IIS to provide better performance than Active Server Pages (ASP) or the Common Gateway Interface (CGI) and to provide low-level access to all Microsoft Win32 API functions. Of course, since ISAPI dynamic-link libraries (DLLs) are generally written in a high-level programming language such as C or C++, they are usually more difficult to develop than ASP-based or CGI-based solutions and might not scale as well.
There are two kinds of ISAPI DLLs, which have different uses on IIS:
- ISAPI extensions: Run-time DLLs that can run either “in process” or “out of process” on IIS. ISAPI extensions provide extended functionality to IIS.
- ISAPI filters: Used to preprocess packets of data before they enter or leave the IIS main process. An example of an ISAPI filter is the Secure Sockets Layer (SSL) protocol component on IIS 4.
An ISAPI Extension is a dynamic-link library (DLL) that runs in the same address space as the Web server running Internet Information Services (IIS) and can access all available resources on the Web server.
ISAPI extensions (sometimes called ISAPI Server extensions) can run in process or out-of-process on IIS. These extensions are generally loaded on-demand the first time a user requests them and remain in memory until the service is stopped.
You can use ISAPI extensions wherever you might use Common Gateway Interface (CGI) applications, such as for a form handler for Hypertext Markup Language (HTML) forms. An ISAPI extension is generally called in a manner similar to calling a CGI application.
For example, the Uniform Resource Locator (URL) shown below invokes the extension TEST.DLL on the Web site www.northwind.microsoft.com and passes it the parameters Value1 and Value2: http://www.northwind.microsoft.com/isapie/TEST.DLL?Value1&Value2
An ISAPI filter is a dynamic-link library (DLL) that is loaded into Internet Information Services (IIS) when it starts and that remains in memory until it stops.
ISAPI filters provide Web servers such as IIS with the ability to preprocess or postprocess information sent between the client and server, and they have no equivalent in the Common Gateway Interface (CGI) scheme.
ISAPI filters receive special filter event notifications and respond based on these notifications. You use ISAPI filters for such tasks as custom authentication, encryption, and compression schemes or for updating logging statistics on the Web server.
ISAPI filters are generally called for every Uniform Resource Locator (URL) that the Web server processes instead of being explicitly invoked by a URL, as are ISAPI extensions.
Custom ISAPI filters can be designed by third-party developers for such tasks as
- Custom authentication
- Data encryption
- Data compression
- Traffic analysis
See also: ISAPI Extension Architecture